We did this when we rolled out CAS 5 as well. New servers, new DNS names, the whole deal.
To answer your specific questions: 1. We generated new ones. I don't think you have to, but it just seemed to make more sense to "start fresh" so we knew what components we had installed. 2. It was pretty straight forward; I don't recall any gotchas. You might find this helpful just to make sure you haven't left anything out: https://dacurry-tns.github.io/deploying-apereo-cas/googleapps_overview.html 3. We didn't experience any issues in this area, although we don't use much of this to begin with. 4. Not really, It's pretty simple. --Dave -- DAVID A. CURRY, CISSP *DIRECTOR • INFORMATION SECURITY & PRIVACY* THE NEW SCHOOL • INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 646 909-4728 • david.cu...@newschool.edu On Wed, Jan 8, 2020 at 9:02 PM Mike Osterman <oster...@whitman.edu> wrote: > We're finally getting up to CAS 5.3.x, and for a variety of reasons, we > built a new server with a different host name. As part of the transition, > we'll be updating the "Third-party identity provider" settings in Google > Apps with the new URL and keys. > > As I'm sure others have gone through this, so I thought I'd ask a few > questions here: > > 1. Did you reuse the X509 certificates from your previous CAS instance? > 2. The CAS side seems pretty well-documented and straightforward: > https://apereo.github.io/cas/5.3.x/integration/Google-Apps-Integration.html > > Is there anything you'd add to this? For example, does your service > registry entry match that on the documentation, or did you need to add more > attributes? > 3. Were there any gotchas you didn't foresee, such as all users' OAuth > tokens being expired due to the changes? (I'm not certain this will happen, > just trying to think of things that might happen as an unintended > byproduct.) > 4. Are there additional preparations you wish you'd done given > hindsight? > > Thanks! > Mike > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEdMQHXw2PEKEuvqgi0T4MaAwGAaqMc4iKoNdJzyY8_RqG6zKg%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEdMQHXw2PEKEuvqgi0T4MaAwGAaqMc4iKoNdJzyY8_RqG6zKg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAN-9uuHAOzkry_qU6k__Loe00dEpvk0_J4dyyd6FWtEKA%40mail.gmail.com.
