I have a client who acts as a Shibboleth Service Provider (SP), and the corresponding Identity Provider (IdP) needed to update some of their information, so I had to spend a few hours debugging shibboleth again this morning. The punchline: in the metadata for an IdP, there are TWO places you need to specify the […]
Category Archives: shibboleth
shibboleth attribute “scope () not accepted” and “value () could not be validated by policy, rejecting it”
Thursday, June 25, 2009
Debugging Shibboleth and “error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate” errors
Friday, July 13, 2007
Mucking about with Shibboleth again, and ran into some errors on the SP, specifically: 2007-07-10 19:49:42 DEBUG SAML.libcurl [79] sessionGet: SSL read: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate, errno 0 This is the “catch-all” error message for Shibboleth OpenSSL Errors. After much research and testing, it was a problem with the IdP, their server was rejecting […]