Thanks for the info Phil. The Penn State CoSign "hit" was very similar, but a little dated. I did not see any follow-up solution, so I was not sure if it was still hanging out there.
http://www.mail-archive.com/[email protected]/msg00325.html Jarod has also had us configure the IIS7 instance with one default website instance controlled by the applicationHost.config file and individual web.config/CoSign inserts for the individual apps/sites. Sincerely, Louis Englund Humility is not thinking less of yourself but thinking of yourself less. --C.S. Lewis Database Administrator Senior - LSA Information Technology 734 647 8345-W | [email protected] University of Michigan | College of Literature, Science & Arts | 500 South State St | Ann Arbor, MI 48109 -----Original Message----- From: Phil Pishioneri [mailto:[email protected]] Sent: Tuesday, March 15, 2011 11:30 AM To: Englund, Louis Cc: Lee, Brian; [email protected]; [email protected]; Rolston, Timothy Subject: Re: [Cosign-discuss] cosign module faulting On 3/15/11 9:24 AM, Englund, Louis wrote: > Thanks for the feedback. I also am scratching my head on this. Only > seems to be IIS7 sites having the issue at this point. Found a couple > of Penn State hits with folks also having the same issue, but no > solution yet. I will let you know if I see anything useful. I'm not aware of any Penn State filter sites having trouble. (I work in the group that supports our Cosign service.) As alluded to in other messages in this thread, IIS Cosign filters (both IISCosign and CosignModule) use a shared pool of connections to the Cosign daemons, which means that only one certificate should (can) be active. The other web sites' Cosign Service Names should be listed in the cosign.conf as using that one certificate. I've been recommending to people using one IIS7 instance for multiple protected sites to configure the Service Name for that additional site via applicationHost.config, with a section like <location path="Additional Web Site" overrideMode="Allow"> <system.webServer> <cosign> <service name="cosign-additional_website..." /> </cosign> </system.webServer> </location> (plus that site still needs the "/cosign/valid" configurations). -Phil ------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
