No that is not true. The certificates the user sees bear no relation to the certificate used to authenticate the IIS server to the cosign service.
On Tue, 2 Feb 2010, HODGEN Wayne wrote: > I know you did and I read your answer. It doesn't hurt to ask the people > developing the software though does it? Perhaps someone is working on such > functionality to make it operate like the apache version. > > The problem with multiple services on one filter is that while the cookies > may be fine, all the sites with names that do not match the certificate will > prompt the browser to tell the user that the cert may be dodgy. So logically > to get clean behaviour for multiple sites on IIS6 it will need multiple > cosign installs. > > Wayne > > -----Original Message----- > From: WOOD Graeme > Sent: 01 February 2010 18:27 > To: HODGEN Wayne > Cc: [email protected] > Subject: Re: [Cosign-discuss] Cosign 3 on IIS6 > > Wayne, > > I've already answered this question to you internally. The IIS filter does > not work like the apache filter. You can only have one certificate. This is > not a problem. It does not affect the web services run from the IIS box and > all web services can have separate session cookies specified using the per > service directives. > > Graeme > > On 1 Feb 2010, at 17:09, HODGEN Wayne wrote: > >> I've been putting a v3 cosign together on a Win 2003 test system running >> IIS6 and I'm just wondering if someone can clear up a question I have. On >> the Unix side we can use one apache config to set up multiple virtual sites >> all running their own certs and names. On windows that doesn't seem to be >> possible? >> >> Each <service> tag just uses the cert set at the top of the >> cosign.dll.config correct? So if I wanted to run multiple sites using >> different names and certs I'd need to install a cosign module for each one? >> >> Or is there a way to set the cert on a per service basis like apache does? >> >> Thanks >> >> Wayne >> -- >> The University of Edinburgh is a charitable body, registered in >> Scotland, with registration number SC005336. >> >> >> ---------------------------------------------------------------------- >> -------- The Planet: dedicated and managed hosting, cloud storage, >> colocation Stay online with enterprise data centers and the best >> network in the business Choose flexible plans and management services >> without long-term contracts Personal 24x7 support from experience >> hosting pros just a phone call away. >> http://p.sf.net/sfu/theplanet-com >> _______________________________________________ >> Cosign-discuss mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/cosign-discuss >> > > -- > > > Graeme Wood, Unix Section of the IT Infrastructure Division, Information > Services, The University of Edinburgh > Email: [email protected] Phone: +44 131 650 5003 Fax: +44 131 650 6552 > > The University of Edinburgh is a charitable body, registered in Scotland, > with registration number SC005336. > > > > > > -- Graeme Wood, Unix Section of the IT Infrastructure Division, Information Services, The University of Edinburgh Email: [email protected] Phone: +44 131 650 5003 Fax: +44 131 650 6552 The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
