shibboleth-dev - Re: [Shib-Dev] testshib2 cert Q
Subject: Shibboleth Developers
List archive
- From: Peter Schober <>
- To:
- Subject: Re: [Shib-Dev] testshib2 cert Q
- Date: Mon, 31 Aug 2009 12:36:55 +0200
- Organization: Vienna University Computer Center
Unless it's about development of Shib code this should probably go to
the shibboleth-users list.
* Alistair Young
<>
[2009-08-31 10:51]:
> I have a Q about testshib2 I hope you could help with. Registering an SP
> with a real cert, no intermediate and with a self signed cert all work
> fine. However, if the cert is signed by a dummy CA, even although the
> full cert chain is put on the wire by the SP, it always gets unknown_ca
> back. Is this how testshib works - only accepting self signed or real
> certs?
I've never used anything but the explicit key trust model, but did you
look at the wiki, esp. the second link below?
https://spaces.internet2.edu/display/SHIB2/MetadataKeyDescriptor
https://spaces.internet2.edu/display/SHIB2/PKIXTrustEngine
https://spaces.internet2.edu/display/SHIB2/ExplicitKeyTrustEngine
Cheers,
-peter
- testshib2 cert Q, Alistair Young, 08/31/2009
- Re: [Shib-Dev] testshib2 cert Q, Peter Schober, 08/31/2009
Archive powered by MHonArc 2.6.16.