shibboleth-dev - RE: change to tests in the shib IdP Install checklist.....
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>, <>
- Subject: RE: change to tests in the shib IdP Install checklist.....
- Date: Tue, 28 Dec 2004 16:11:23 -0500
- Organization: The Ohio State University
> I was thinking of suggesting that people type something like this to
> make sure that they've correctly configured the SSL support into
> apache:
>
> curl -L --key "../shibboleth.key" --cert "../shibboleth.crt" --cacert
> "../shibboleth.crt" https://stc-linux.cis.brown.edu:8443/jsp-examples
I don't think this will work if the certificate isn't self-signed. I would
think you either need to have the actual CA in that file, or you'd need to
use -k to just disable the check.
If it works, I need to look at the code because I couldn't get my code to
work that way without overriding more of openssl than libcurl does.
> (Note: I'm not sure why the -L is needed, but this doesn't seem to
> work for me without it....)
-L just says to follow redirects. It should work either way, but you're
getting back an empty body with a Location header. I would use -I instead
and just invoke a HEAD request. You could also pass the command to dump the
server response headers, don't recall what it is. But that's shorter output.
-- Scott
- change to tests in the shib IdP Install checklist....., Steven_Carmody, 12/28/2004
- RE: change to tests in the shib IdP Install checklist....., Scott Cantor, 12/28/2004
- RE: change to tests in the shib IdP Install checklist....., Steven_Carmody, 12/28/2004
- RE: change to tests in the shib IdP Install checklist....., Scott Cantor, 12/28/2004
- RE: change to tests in the shib IdP Install checklist....., Steven_Carmody, 12/28/2004
- RE: change to tests in the shib IdP Install checklist....., Scott Cantor, 12/28/2004
Archive powered by MHonArc 2.6.16.