问题描述
我有一个OpenID依赖方设置并使用XRDS.它通过了 http://test-id.org/上的"RP具有可发现的return_to"互操作性测试. RP/DiscoverableReturnTo.aspx .
I have an OpenID relying party setup and using XRDS. It passes the "RP has discoverable return_to" interop test over at http://test-id.org/RP/DiscoverableReturnTo.aspx.
Yahoo不再抱怨警告:该网站尚未确认其在Yahoo!中的身份,并且可能是欺诈性的".如Andrew Arnott的出色博客文章所述: http: //blog.nerdbank.net/2008/06/why-yahoo-says-your-openid-site.html
Yahoo no longer complains with the message "Warning: This website has not confirmed its identity with Yahoo! and might be fraudulent." as outlined in Andrew Arnott's excellent blog post: http://blog.nerdbank.net/2008/06/why-yahoo-says-your-openid-site.html
但是,当我尝试使用AOL进行身份验证时,看到警告!站点验证无法完成".消息.
However, when I try to authenticate using AOL I see the "Warning! site verification could not be completed." message.
推荐答案
在验证 return_to 值时,AOL不支持RFC 4366 TLS服务器名称指示"(SNI)扩展.允许在同一IP地址上使用多个SSL证书.如果您的服务器是这样配置的,则AOL将仅看到IP地址的默认证书.如果碰巧与依赖网站的证书不匹配,AOL将(错误地)报告错误.
When verifying the return_to value, AOL doesn’t support the RFC 4366 TLS "Server Name Indication" (SNI) extension, which allows multiple SSL certificates on the same IP address. If your server is so configured, AOL will only see the default certificate for the IP address. If it doesn’t happen to match the certificate of the relying website, AOL will (incorrectly) report an error.
即这是AOL的错误.
这篇关于您如何使AOL的OpenID网站验证有效?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!