...
Expand | ||
---|---|---|
| ||
If Shibboleth is installed via RPM, signing/encryption key and certificate files are generated automatically. Check if you have sp-signing-cert.pem, sp-signing-key.pem, sp-encrypt-key.pem, sp-encrypt-cert.pem in /etc/shibboleth directory. If they are not there, generate them. shib-keygen -n sp-signing -h yourServername -y 10 (your servername will be the CN of the certificate) shib-keygen -n sp-encrypt -h yourServername -y 10 |
If your website is behind a Load Balancer
Please make sure that the real client's IP address (e.g. "x-forwarded-for") is being passed to the SP, instead of the load-balancer's IP address. Please see this page for details: Pass the real client IP to the Shibboleth SP when your site is behind a load balancer
Shibboleth Configuration Check
...