I have mod_auth_cas protecting a web site.
If I *don't* set `CASCertificatePath`, then everything works how I would expect
(CAS authenticates user, service ticket validated, user identifed to site via
REMOTE_USER).
However, if I set `CASCertificatePath` to the full path of a PEM file
containing the certificate of my CAS server, I get an "Authorization Required"
error. The debug logs show:
MOD_AUTH_CAS: curl_easy_perform() failed (Peer certificate cannot be
authenticated with known CA certificates)
I am using MOD_AUTH_CAS 1.0.10 according to the README.
I am using Apache 2.2.x
Am I missing something? I thought that if I set that directive to the actual
CAS certificate, it would validate it.
I am also bewildered as to why the process works when I *don't* specify the
directive, as I can't seem to find the complete trust chain in the default
certs folder ('/etc/ssl/certs/').
Thanks,
Carl Waldbieser
ITS Systems Programmer
Lafayette College
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
