[cas-user] Issue with cas 6 password managenment

[MD. Fazla Rabby]

We are already using CAS5.2 and password management working fine. But for 
CAS version 6 we are getting the ldap referral error  
"java.security.cert.CertificateException: Hostname does not match the 
hostname in the server's certificate site:stackoverflow.com"
How to get around with this 

This is my cas.properties



cas.authn.pm.enabled=true
cas.authn.pm.policyPattern=^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9
])(?=.*?[#?!@$%~()_{}-]).{8,}$
cas.authn.pm.reset.text=Reset your password with this link: %s
cas.authn.pm.reset.subject=Password Reset Request
cas.authn.pm.reset.from=myemail.mydomain.com


#password reset expiry is set to 1 day equivalent minutes
cas.authn.pm.reset.expirationMinutes=1440
cas.authn.pm.reset.emailAttribute=secondaryEmail
cas.authn.pm.reset.securityQuestionsEnabled=true

# Automatically log in after successful password change
cas.authn.pm.autoLogin=false

# Used to sign/encrypt the password-reset link
cas.authn.pm.reset.crypto.encryption.key=asdasdasdasdasdasdasdasdasdasd
cas.authn.pm.reset.crypto.signing.key=asdasdasasdasdasdasdadsadasdasdasdasd
cas.authn.pm.reset.crypto.enabled=true


#Email Submissions

spring.mail.host=smtp.office365.com
spring.mail.port=587
spring.mail.username=myem...@email.com
spring.mail.password=pass
spring.mail.testConnection=true
spring.mail.properties.mail.smtp.auth=true
spring.mail.properties.mail.smtp.starttls.enable=true

#
##LDAP Password management
#
cas.authn.pm.ldap.type=AD
#
cas.authn.pm.ldap.ldapUrl=ldaps://myldap:636
cas.authn.pm.ldap.useSsl=true
cas.authn.pm.ldap.useStartTls=false
cas.authn.pm.ldap.connectTimeout=50000
cas.authn.pm.ldap.baseDn=DC=xx,DC=xx,DC=xx,DC=xx
cas.authn.pm.ldap.searchFilter=cn={user}
cas.authn.pm.ldap.subtreeSearch=true
cas.authn.pm.ldap.bindDn=CN=xx,OU=xx,DC=xx,DC=xx,DC=xx,DC=xx
cas.authn.pm.ldap.bindCredential=pass
# cas.authn.pm.ldap.connectionStrategy=
cas.authn.pm.ldap.trustCertificates=file:/etc/cas/myldap.cer
## cas.authn.pm.ldap.keystore=
## cas.authn.pm.ldap.keystorePassword=
## cas.authn.pm.ldap.keystoreType=JKS|JCEKS|PKCS12
cas.authn.pm.ldap.poolPassivator=BIND
cas.authn.pm.ldap.minPoolSize=3
cas.authn.pm.ldap.maxPoolSize=10
cas.authn.pm.ldap.validateOnCheckout=true
cas.authn.pm.ldap.validatePeriodically=true
cas.authn.pm.ldap.validatePeriod=600
cas.authn.pm.ldap.validateTimeout=5000
cas.authn.pm.ldap.failFast=true
cas.authn.pm.ldap.idleTime=500
cas.authn.pm.ldap.prunePeriod=600
cas.authn.pm.ldap.blockWaitTime=5000
##cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
#
## Attributes that should be fetched to indicate security questions and 
answers,
## assuming security questions are enabled.
cas.authn.pm.ldap.securityQuestionsAttributes.attributeQuestion1
=attributeAnswer1
cas.authn.pm.ldap.securityQuestionsAttributes.attributeQuestion2
=attributeAnswer2
cas.authn.pm.ldap.securityQuestionsAttributes.attrQuestion3=attributeAnswer2
#
cas.authn.pm.ldap.validator.type=SEARCH
cas.authn.pm.ldap.validator.baseDn=DC=xx,DC=xx,DC=xx,DC=xx
##cas.authn.pm.ldap.validator.searchFilter=(objectClass=*)
cas.authn.pm.ldap.validator.scope=SUBTREE


-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1892b1b2-41ab-4f86-8470-5e21d654fcd2%40apereo.org.