thanks to you for your response and taking your time to help me I think that I advanced with the resolution of my problem and identified the source of the problem which is the certificate.
I used to identify my problem SSLPoke and InstallCert and I add the option -Djavax.net.ssl.trustStore= Mykeystore There is still a problem with the certificate and got this error : java.security.cert.CertificateException: No subject alternative names present but according to internet it should be because my CN in my certificate wasn't localhost. So I tried to regenerate a certificate with the CN=localhost but now catalina say (in my cas server) invalid key format (that's not really a problem I already got it and resolved) then I'm trying to regenerate a good certificate and hoping that everything works. Because I thought that I had some time to lose today and that I was near the solution, I tried something more complicated (maybe better) : http://www.ja-sig.org/wiki/display/CASUM/HOWTO+Setup+Dual+Authentication+in+CAS+-+SSL+Client+Auth+and+LDAP I've not finished right now and I have not tried yet (I encounter some little problems, no big deal) After this speech which will help somebody maybe later I hope, I will ask a question : How do you add the system property (-Djavax.net.debug...) to the JVM startup options on the JVM ? Personnaly I add -Djavax.net.ssl.trustore... in the catalina.bat file but I'm really not sure that's the correct way to do this. C. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
