Shibboleth.DEPRECATION : MetadataGenerator handler
Etienne Dysli Metref
etienne.dysli-metref at switch.ch
Thu Dec 9 07:27:58 UTC 2021
On 06.12.21 19:22, Peter Schober wrote:
> One (server mode) connecting to the Java TCP listener and exposing a
> TLS server (and expecting client certs from a certain CA/chain). And
> another one (client mode) for mod_shib to connect to (on a non-TLS TCP
> port), itself connecting to the TLS server on the Java side with a
> client cert.
This is called a "service mesh" for those going the "containerise all
the things" way. ;)
If it's like the IdP, the number of configuration files to manage
(20-30) makes it rather costly to put under configuration management. I
haven't yet tried to automatically build a ConfigMap for an IdP on
Kubernetes, but I dread that day...
Etienne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://shibboleth.net/pipermail/users/attachments/20211209/d0ec855e/attachment.sig>
More information about the users
mailing list