We are already using CAS5.2 and password management working fine. But for CAS version 6 we are getting the ldap referral error "java.security.cert.CertificateException: Hostname does not match the hostname in the server's certificate site:stackoverflow.com" How to get around with this
This is my cas.properties cas.authn.pm.enabled=true cas.authn.pm.policyPattern=^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9 ])(?=.*?[#?!@$%~()_{}-]).{8,}$ cas.authn.pm.reset.text=Reset your password with this link: %s cas.authn.pm.reset.subject=Password Reset Request cas.authn.pm.reset.from=myemail.mydomain.com #password reset expiry is set to 1 day equivalent minutes cas.authn.pm.reset.expirationMinutes=1440 cas.authn.pm.reset.emailAttribute=secondaryEmail cas.authn.pm.reset.securityQuestionsEnabled=true # Automatically log in after successful password change cas.authn.pm.autoLogin=false # Used to sign/encrypt the password-reset link cas.authn.pm.reset.crypto.encryption.key=asdasdasdasdasdasdasdasdasdasd cas.authn.pm.reset.crypto.signing.key=asdasdasasdasdasdasdadsadasdasdasdasd cas.authn.pm.reset.crypto.enabled=true #Email Submissions spring.mail.host=smtp.office365.com spring.mail.port=587 spring.mail.username=myem...@email.com spring.mail.password=pass spring.mail.testConnection=true spring.mail.properties.mail.smtp.auth=true spring.mail.properties.mail.smtp.starttls.enable=true # ##LDAP Password management # cas.authn.pm.ldap.type=AD # cas.authn.pm.ldap.ldapUrl=ldaps://myldap:636 cas.authn.pm.ldap.useSsl=true cas.authn.pm.ldap.useStartTls=false cas.authn.pm.ldap.connectTimeout=50000 cas.authn.pm.ldap.baseDn=DC=xx,DC=xx,DC=xx,DC=xx cas.authn.pm.ldap.searchFilter=cn={user} cas.authn.pm.ldap.subtreeSearch=true cas.authn.pm.ldap.bindDn=CN=xx,OU=xx,DC=xx,DC=xx,DC=xx,DC=xx cas.authn.pm.ldap.bindCredential=pass # cas.authn.pm.ldap.connectionStrategy= cas.authn.pm.ldap.trustCertificates=file:/etc/cas/myldap.cer ## cas.authn.pm.ldap.keystore= ## cas.authn.pm.ldap.keystorePassword= ## cas.authn.pm.ldap.keystoreType=JKS|JCEKS|PKCS12 cas.authn.pm.ldap.poolPassivator=BIND cas.authn.pm.ldap.minPoolSize=3 cas.authn.pm.ldap.maxPoolSize=10 cas.authn.pm.ldap.validateOnCheckout=true cas.authn.pm.ldap.validatePeriodically=true cas.authn.pm.ldap.validatePeriod=600 cas.authn.pm.ldap.validateTimeout=5000 cas.authn.pm.ldap.failFast=true cas.authn.pm.ldap.idleTime=500 cas.authn.pm.ldap.prunePeriod=600 cas.authn.pm.ldap.blockWaitTime=5000 ##cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider # ## Attributes that should be fetched to indicate security questions and answers, ## assuming security questions are enabled. cas.authn.pm.ldap.securityQuestionsAttributes.attributeQuestion1 =attributeAnswer1 cas.authn.pm.ldap.securityQuestionsAttributes.attributeQuestion2 =attributeAnswer2 cas.authn.pm.ldap.securityQuestionsAttributes.attrQuestion3=attributeAnswer2 # cas.authn.pm.ldap.validator.type=SEARCH cas.authn.pm.ldap.validator.baseDn=DC=xx,DC=xx,DC=xx,DC=xx ##cas.authn.pm.ldap.validator.searchFilter=(objectClass=*) cas.authn.pm.ldap.validator.scope=SUBTREE -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1892b1b2-41ab-4f86-8470-5e21d654fcd2%40apereo.org.