A different key and cert cannot be specified for each host. As such, the central weblogin server will need to be configured to allow whatever cert you use to check cookies for each cosign service.
For example, if the CN of the certificate specified by <ChainFilepath> is example.ed.ac.uk and the IIS server is also hosting something like somedepartment.ed.ac.uk, the weblogin server's cosign.conf would need a line similar to this: service cosign-somedepartment\.ed\.ac\.uk https://somedepartment.ed.ac.uk/cosign/valid 0 example\.ed\.ac\.uk Jarod PINEDA Julieta wrote: > We are in the process of upgrading to Cosign 3. I have one question > about the upgrade for IIS: > Some of our servers serve multiples URLs. I'm not sure if we need to > specify a .cert and .key for each of the virtual hosts (I understand > that we may have to do that for V3?), and how to do that > > Are there directives like<ChainFilePath> and<PrivateKeyFilePath> for > each<Service>? > > Thank you! > Julieta. > > ------------------------------------------------------------------------------ OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
