Shibboleth Developers

["RL 'Bob' Morgan" <>]

On 5 Jun 2003, Derek Atkins wrote:

> "RL 'Bob' Morgan" 
> <>
>  writes:
>
> > I will leave the UW origin HS on shib.cac.washington.edu set up to use a
> > server cert issued by the UW CA.  To test with it, a target would add the
> > UW site metadata to sites.xml, then add the UW CA to trust.xml in the
> > KeyAuthority section corresponding to the incommon pilot, ie with all the
> > other CA certs.  Data below, also at
>
> So, is the UW origin still using this same HS?  I'm getting a different
> error right now:
>
> SHIRE failure at (http://localhost/shibboleth/SHIRE)
>
> Exception: trust failed: ShibPOSTProfile::verifySignature() cannot
> validate the provided signing certificate(s)

Well, it's been running since May 28 ... I just got the same old error
message:

Exception: cryptographic check failed: SAMLSignedObject::verify() caught
an XMLSec crypto exception

when trying the UW origin with my test target:
https://perq.cac.washington.edu/cgi-bin/ppd.

I see you've tested via perq today, did you get "crypto exception"?

 - RL "Bob"


------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at 

    http://archives.internet2.edu/

------------------------------------------------------mace-shib-design--