shibboleth-dev - Re: Apache setup not quite so simple
Subject: Shibboleth Developers
List archive
- From: Nate Klingenstein <>
- To: "Scott Cantor" <>
- Cc: "'Shibboleth Development'" <>
- Subject: Re: Apache setup not quite so simple
- Date: Thu, 16 Jun 2005 17:20:34 +0000
Yuck. It's added.
On Jun 16, 2005, at 17:07, Scott Cantor wrote:
Turns out mod_ssl's set up for 1.3 is a bit more complex than anticipated.
Nate, can you add this to the checklist's sample config for the SOAP vhost?
SSLVerifyClient 10
Any value is fine, just long enough for what anybody would be likely to use.
We have our own dpeth enforcement anyway.
Apparently even when optional_no_ca is used, mod_ssl gets overeager if the
client sends a chain of certs and rejects them out of hand. That was Eva's
problem over on shib-users.
-- Scott
- Apache setup not quite so simple, Scott Cantor, 06/16/2005
- Re: Apache setup not quite so simple, Nate Klingenstein, 06/16/2005
Archive powered by MHonArc 2.6.16.