That certificate error is what is most likely causing your problems. On Dec 20, 2011 6:33 AM, "Auninda Rumy Saleque" <nightstalker2...@gmail.com> wrote:
> Hello, > i am apologizing beforehand for a lengthy message. I am having trouble > generating proxy tickets following this tutorial: > > https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough. > > Heres my scenario: > > my cas server link is this: > https://192.168.1.242:8443/cas > > link of my web service using cas is: > https://192.168.2.95/cgi-bin/koha/opac-user.pl > > while trying out the cas proxy tutorial, i executed the following link for > getting back a validated pgt: > > > https://192.168.1.242:8443/cas/serviceValidate?ticket=ST-1-D5AfJ2wXKGW7boxQqdcD-cas&service=https://192.168.2.95/cgi-bin/koha/opac-user.pl&pgtUrl=https://192.168.1.242:8443/test.html > > and the return xml gives me a successful authentication with only the user > name but i could not find any PGT with it. > > i traced back the cas.log file and i found the following error(part of the > log is given in the following and the complete log is attached): > > 2011-12-20 12:33:03,817 ERROR [org.jasig.cas.util.HttpClient] - > java.security.cert.CertificateException: No subject alternative names > present > javax.net.ssl.SSLHandshakeException: > java.security.cert.CertificateException: No subject alternative names > present > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) > at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1639) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:215) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:209) > at > sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1033) > at > sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:146) > at sun.security.ssl.Handshaker.processLoop(Handshaker.java:546) > at sun.security.ssl.Handshaker.process_record(Handshaker.java:482) > at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:904) > at > sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1140) > at > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1167) > at > sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1151) > at > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:423) > at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153) > at > org.jasig.cas.util.HttpClient.isValidEndPoint_aroundBody4(HttpClient.java:109) > at > org.jasig.cas.util.HttpClient.isValidEndPoint_aroundBody5$advice(HttpClient.java:44) > at org.jasig.cas.util.HttpClient.isValidEndPoint(HttpClient.java:1) > ---- > apart from the above error everything else is working fine. > > now my queries are: > -> are there any extra configurations i need to make for receiving back > the PGTs? > - > the callback url (pgtUrl=https://192.168.1.242:8443/test.html) i am > using, is there anything wrong with it or does it have to be something > specific? > > i did add my cas server certificate to the cas server's jvm, so that the > call back url does not fail authenticating but still i am getting the > error. > > I am using cas server 3.4.11 and i am testing these setups using local ip. > Any help will be greatly appreciated. > > Thank you. > > -- > Auninda Rumy Saleque > Asst. System Programmer > Ayesha Abed Library > BRAC University > Dhaka, Bangladesh > > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > scott.battag...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
