I have read through the document here:<br> <a href="https://wiki.shibboleth.net/confluence/display/SHIB2/SPReverseProxy">https://wiki.shibboleth.net/confluence/display/SHIB2/SPReverseProxy</a><br>but still have a question about handlerSSL.<br>
<br>My setup is a front-end apache server that handles the SSL is a reverse proxy to the shib SP server using http (non-secure). I have set my ServerName to include the scheme and port, as: <a href="https://example.com:443">https://example.com:443</a>, and also include X-Forwarded-Proto from the proxy.<br>
<br>I do not have handlerSSL set in my shibboleth2.xml config for the Sessions, so the default is "true". However, I am not seeing any problems in this configuration, and so far all my tests are working. I tried to set it to "false", and also explicitly set to "true", but it does not seem to affect the operation of the SP.<br>
<br>What's going on here? I don't want to miss something that might crop up later.<br><br>I am using an IdP initiated flow and only with HTTP-POST on CentOS 5.8 x64, httpd 2.2.3-65, shibboleth 2.5.0-2.<br><br>