>>> On 29/10/2009 at 16:51, in message
<[log in to unmask]>,
Steve Holden <[log in to unmask]> wrote:
>
> Has anyone else experienced a similar problem?
> If so, could you post the appropriate lines from you JSTOR-compliant
> config?
We've had no problem here and use a JANET SCS certificate with this in idp.xml
<FileResolver Id="ukfederationCred">
<Key>
<Path>file:/c:/apache2.2/conf/idp1.key</Path>
</Key>
<Certificate>
<Path>file:/c:/apache2.2/conf/idp.cer</Path>
<CAPath>file:/c:/apache2.2/conf/sureserverEDU.crt</CAPath>
</Certificate>
</FileResolver>
and this in the httpd-ssl.conf
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLVerifyClient optional_no_ca
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData
SSLCertificateFile C:/Apache2.2/conf/idp.cer
SSLCertificateKeyFile C:/Apache2.2/conf/idp1.key
SSLCertificateChainFile C:/Apache2.2/conf/sureserverEDU.crt
This is the same as the two Johns in that its a Cybertrust certificate (I assume they're bot JANET SCS as well).
I notice that neither of the Johns have the CAPath line in their idp.xml, is it not needed?
Anyway, may it would be worth changing the certificate to a Janet SCS one to see if that fixed it. It does occur to me though, will that break anything else? ePTID?
Cheers
Andy
The University of Dundee is a registered Scottish charity, No: SC015096
|