Shibboleth Developers

[Derek Atkins <>]

"RL 'Bob' Morgan" 
<>
 writes:

> On 5 Jun 2003, Derek Atkins wrote:
> 
> > "RL 'Bob' Morgan" 
> > <>
> >  writes:
> >
> > > I will leave the UW origin HS on shib.cac.washington.edu set up to use a
> > > server cert issued by the UW CA.  To test with it, a target would add 
> > > the
> > > UW site metadata to sites.xml, then add the UW CA to trust.xml in the
> > > KeyAuthority section corresponding to the incommon pilot, ie with all 
> > > the
> > > other CA certs.  Data below, also at
> >
> > So, is the UW origin still using this same HS?  I'm getting a different
> > error right now:
> >
> > SHIRE failure at (http://localhost/shibboleth/SHIRE)
> >
> > Exception: trust failed: ShibPOSTProfile::verifySignature() cannot
> > validate the provided signing certificate(s)
> 
> Well, it's been running since May 28 ... I just got the same old error
> message:

Hmm, ok, so you still get the same error...

> Exception: cryptographic check failed: SAMLSignedObject::verify() caught
> an XMLSec crypto exception

I'm not getting this anymore.  It's almost as if my metadata files aren't
being read in properly, but I can't imagine that's changed in the last
couple days....

> when trying the UW origin with my test target:
> https://perq.cac.washington.edu/cgi-bin/ppd.
> 
> I see you've tested via perq today, did you get "crypto exception"?

Nope, I did not.   I got the error message above.

>  - RL "Bob"

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       

                        PGP key available

------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at 

    http://archives.internet2.edu/

------------------------------------------------------mace-shib-design--