shibboleth-dev - Re: extkeytool / IdP guide suggestion
Subject: Shibboleth Developers
List archive
- From: "'David Champion'" <>
- To:
- Subject: Re: extkeytool / IdP guide suggestion
- Date: Thu, 11 Aug 2005 00:09:34 -0500
* On 2005.08.10, in
<>,
* "Scott Cantor"
<>
wrote:
>
> > Extkeytool won't create a new Java keystore....
>
> Well, that's not really what it's for.
Fair enough, but it's a lot handier than the alternatives if you have
PEM keys that you need made available to metadatatool. I've been
through the alternatives, and... the horror.
> Actually, I don't think we expect anybody to use them anymore, with the
> unfortunate exception of metadatatool. The real bug here is that
> metadatatool hasn't been redone so that it can read and use PEM keys like
> the IdP can. This was just due to time/interest.
That's good to hear. Allowing metadatatool to use PEM keys/certs seems,
in the long term, much better. I think I'd say that JKS is just an
obstacle to deployment. Meanwhile, having some quick tips in the guide
would help some people a lot.
Thanks!
--
-D.
NSIT University of Chicago
- extkeytool / IdP guide suggestion, David Champion, 08/10/2005
- RE: extkeytool / IdP guide suggestion, Scott Cantor, 08/11/2005
- Re: extkeytool / IdP guide suggestion, 'David Champion', 08/11/2005
- Re: extkeytool / IdP guide suggestion, Walter Hoehn, 08/11/2005
- Re: extkeytool / IdP guide suggestion, 'David Champion', 08/11/2005
- RE: extkeytool / IdP guide suggestion, Scott Cantor, 08/11/2005
Archive powered by MHonArc 2.6.16.