First of all thank you all for the help. In my use case, I need to authenticate people asking their smart cards, after that, they login in a customized liferay portal with SSO through CAS with embedded https web applications. I "must" ask for their smart cards to get some info saved inside them.
I'm sorry, I don't understand the "use one connector for login, and other connector for ssl non-client traffic" thing, could you give me an example? Did you mean that I could define 2 connectors, one for the "public" https port, and another one to the "private" https port without "require=true" property? If this is the case, what CAS traffic I need to redirect to each port? >But then there is also another error: SSLCACertificateFile is the chain >used to validate clients but Gabriel probably only wants to >SSLCertificateChainFile to share the server chain. I want validate both (I think, I don't know if this is necessary): validate clients who connects to my server (only those with smart cards enabled for it) and validate that the server is the "real" one and not a "fake". Thank you a lot for the help. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
