docker-shibboleth-idp icon indicating copy to clipboard operation
docker-shibboleth-idp copied to clipboard

Published 20 hours ago verified publisher icon jtgasper3

jetty-ssl-context.xml file

Open tdsacilowski opened this issue 9 years ago • 1 comments

I'm interested in using this Docker image for my production Shib IdP system and was just going through the Dockerfile and comparing it against the IdP installation instructions located at https://wiki.shibboleth.net/confluence/display/IDP30/Jetty93.

Just curious why you chose not to include the jetty-ssl-context.xml file? Is it simply to provide a workaround when using a PKCS12 keystore type?

Thanks!

tdsacilowski avatar Sep 16 '15 15:09 tdsacilowski

Hello,

Back when I first put the 3.X image together the wiki did not have a jetty-ssl-context.xml as part of the setup docs. I noticed it the last week when I was there reviewing for a different project. My guess is that that there are changes, mostly to ssl cipher selection and ordering, etc. probably not an issue if fronting with a load balancer or Apache httpd. I had planned to go back and look but forgot about it. So I appreciate you submitting the issue and bring it back to memory. I should get to it this weekend.

jtgasper3 avatar Sep 17 '15 21:09 jtgasper3