shibboleth-dev - RE: client certificate chains and 1.3 IdP

Subject: Shibboleth Developers

List archive

RE: client certificate chains and 1.3 IdP

From: "Scott Cantor" <>
To: "'Ian Young'" <>, <>
Subject: RE: client certificate chains and 1.3 IdP
Date: Tue, 5 Jul 2005 18:34:33 -0400
Organization: The Ohio State University

Preliminary testing suggests that the SP can be told to send the chain and
is doing that, but the IdP servlet is not getting more than the EE cert.

What's not clear is whether mod_ssl or mod_jk is at fault. That bug link you
posted makes me willing to believe mod_ssl might just be broken. There's no
guarantee that Red Hat's Apache build has that fix, but if you built from
source and were using a version they claim is fixed, that might suggest
mod_jk is the bug.

-- Scott

client certificate chains and 1.3 IdP, Ian Young, 07/05/2005
- RE: client certificate chains and 1.3 IdP, Scott Cantor, 07/05/2005
- RE: client certificate chains and 1.3 IdP, Scott Cantor, 07/05/2005
- RE: client certificate chains and 1.3 IdP, Scott Cantor, 07/05/2005
- RE: client certificate chains and 1.3 IdP, Scott Cantor, 07/06/2005
  - RE: client certificate chains and 1.3 IdP, Scott Cantor, 07/06/2005
  - Re: client certificate chains and 1.3 IdP, Ian Young, 07/06/2005
    - Re: client certificate chains and 1.3 IdP, Walter Hoehn, 07/06/2005
      - Re: client certificate chains and 1.3 IdP, Ian Young, 07/06/2005
        
        RE: client certificate chains and 1.3 IdP, Scott Cantor, 07/06/2005
        
        Re: client certificate chains and 1.3 IdP, Ian Young, 07/06/2005
        
        RE: client certificate chains and 1.3 IdP, Scott Cantor, 07/06/2005
        RE: client certificate chains and 1.3 IdP, Thomas Lenggenhager, 07/07/2005
      - RE: client certificate chains and 1.3 IdP, Scott Cantor, 07/06/2005

List archive

RE: client certificate chains and 1.3 IdP