On 3/15/11 9:24 AM, Englund, Louis wrote: > Thanks for the feedback. I also am scratching my head on this. Only > seems to be IIS7 sites having the issue at this point. Found a couple > of Penn State hits with folks also having the same issue, but no > solution yet. I will let you know if I see anything useful.
I'm not aware of any Penn State filter sites having trouble. (I work in the group that supports our Cosign service.) As alluded to in other messages in this thread, IIS Cosign filters (both IISCosign and CosignModule) use a shared pool of connections to the Cosign daemons, which means that only one certificate should (can) be active. The other web sites' Cosign Service Names should be listed in the cosign.conf as using that one certificate. I've been recommending to people using one IIS7 instance for multiple protected sites to configure the Service Name for that additional site via applicationHost.config, with a section like <location path="Additional Web Site" overrideMode="Allow"> <system.webServer> <cosign> <service name="cosign-additional_website..." /> </cosign> </system.webServer> </location> (plus that site still needs the "/cosign/valid" configurations). -Phil ------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
