Shibboleth Developers

["RL 'Bob' Morgan" <>]

I have the UW origin now running with the HS on one box
(shib.cac.washington.edu) and the AA on another box
(abajo.cac.washington.edu), and it seems to work OK.  This is using the
CryptoHandleRepository, obviously.

Only odd thing is that when I put the directives in httpd.conf to cause
shibboleth/AA to do client cert request/verification, mod_ssl appears to
segfault (despite the fact that this works fine on shib.cac).  Oh well.

I wouldn't say this is the easiest thing in the world to configure, but
it's do-able.  I spose at some point we might start to think that having
the HS and AA on separate boxes would be the normal setup, and we might
offer distinct origin.properties files for each.

 - RL "Bob"


------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at 

    http://archives.internet2.edu/

------------------------------------------------------mace-shib-design--