The SP is compatible with Red Hat Enterprise Linux and CentOS 6 and 7, but not if the OS-supplied version of libcurl is used. Starting with Enterprise Linux 6, Red Hat has rebuilt many packages, including curl, on top of the Network Security Services (NSS) stack instead of OpenSSL.

This is a breaking change because curl does not have the same feature set when built against NSS, and one of the features it loses is required by the SP for basic operation in most, though not all, deployments. Specifically, if your SP requires back-channel SOAP communication with the IdP (this describes most scenarios involving legacy IdPs and attribute queries), it won't function without the workaround noted below.

Until recently, the Shibboleth Project provided a substitute libcurl package (called libcurl-openssl) that was intended to "upgrade" and replace the OS-supplied package. This was rightly noted as a bad solution, since it potentially affects other OS-supplied software.

As of version 2.4.3, the Service Provider package set includes a curl-openssl package set that installs to /opt/shibboleth and does not overwrite or interfere with the OS-supplied version. It is based on a more recent version of libcurl and will be kept updated if relevant curl security updates are released.

On affected platforms (RH6+, CentOS 6+, etc.), the shibboleth packages now depend on this look-aside package and ensure its installation in the normal fashion. The /etc/sysconfig/shibd script installed for you will also include a LD_LIBRARY_PATH variable that directs the shibd process to load the alternative version of libcurl.so instead of the normal one.


Note also that some of the utilities accompanying the SP, such as the resolvertest program, may not function properly without the same LD_LIBRARY_PATH variable being set, but there is no shell script provided to set it for them; you'll have to do this by hand.
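The following is an added example, not a script shipped by the Shibboleth project. It runs an SP utility such as resolvertest with the same LD_LIBRARY_PATH that /etc/sysconfig/shibd gives shibd, and it checks ldd output to confirm which libcurl a binary actually resolves and whether that libcurl is the NSS build. The library directory /opt/shibboleth/lib64 and the SHIB_* variable names are assumptions for illustration; the page only states that the package installs under /opt/shibboleth.

```bash
#!/bin/sh
# Added example; not part of the Shibboleth SP distribution.
# Assumed defaults (override via the environment if your layout differs):
SHIB_SYSCONFIG=${SHIB_SYSCONFIG:-/etc/sysconfig/shibd}   # file that exports LD_LIBRARY_PATH for shibd
SHIB_LIBDIR=${SHIB_LIBDIR:-/opt/shibboleth/lib64}       # assumed location of the look-aside libcurl

# Print the library path shibd would use: the LD_LIBRARY_PATH exported by the
# sysconfig file when it is readable, otherwise the assumed look-aside directory.
# The file is sourced in a subshell so nothing else it sets leaks into ours.
shib_ldpath() {
    if [ -r "$SHIB_SYSCONFIG" ]; then
        ( . "$SHIB_SYSCONFIG" >/dev/null 2>&1; printf '%s\n' "${LD_LIBRARY_PATH:-$SHIB_LIBDIR}" )
    else
        printf '%s\n' "$SHIB_LIBDIR"
    fi
}

# Run a command (for example: with_shib_curl resolvertest -n user -a /opt/shibboleth/etc/shibboleth/attribute-resolver.xml ...)
# with the look-aside directory placed in front of any existing LD_LIBRARY_PATH,
# mirroring what the sysconfig file does for shibd.
with_shib_curl() {
    LD_LIBRARY_PATH="$(shib_ldpath)${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" "$@"
}

# Read "ldd <binary>" output from stdin and report where libcurl resolves.
# Exit 0 when libcurl.so.* resolves under the prefix given as $1
# (e.g. /opt/shibboleth), 1 when it is missing or resolves elsewhere,
# which means the OS-supplied libcurl would be loaded.
check_curl_link() {
    awk -v prefix="$1" '
        $1 ~ /^libcurl\.so/ { curl = $3 }
        END {
            if (curl == "") { print "FAIL: no libcurl linked"; exit 1 }
            printf "libcurl resolves to %s\n", curl
            if (index(curl, prefix) != 1) { print "FAIL: OS-supplied libcurl would be loaded"; exit 1 }
            print "OK: look-aside libcurl in use"; exit 0
        }'
}

# Read "ldd <path-to-libcurl.so>" output from stdin; exit 0 if that libcurl is
# itself linked against NSS (libnss3), 1 if not. This must be run on the
# library, not on shibd, because shibd links OpenSSL directly for its own use
# and libssl/libcrypto therefore show up in its ldd output either way.
curl_uses_nss() {
    grep -q '^[[:space:]]*libnss3\.so' 
}

# Whole-binary check: combine the two on a live system, e.g. "shib_curl_audit shibd".
shib_curl_audit() {
    bin=$(command -v "$1") || { echo "not found: $1"; return 1; }
    out=$(with_shib_curl ldd "$bin") || return 1
    printf '%s\n' "$out" | check_curl_link "${SHIB_LIBDIR%/*}" || return 1
    lib=$(printf '%s\n' "$out" | awk '$1 ~ /^libcurl\.so/ { print $3 }')
    if ldd "$lib" | curl_uses_nss; then
        echo "FAIL: $lib is the NSS build of libcurl"; return 1
    fi
    echo "OK: $lib is not NSS-based"
}
```

On a host with the SP installed, `shib_curl_audit shibd` and `shib_curl_audit resolvertest` give a quick answer to the question this page raises: whether each process would pick up /opt/shibboleth's libcurl or fall back to the NSS-based OS copy that cannot do the SP's back-channel SOAP calls.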

