Greetings, My team has implemented CAS 3.5.1. We have a requirement to enable PKI functions for our web application authentication (logon process).
1. Does CAS 3.5.1 support X.509 certificate authentication? If so, I'm seeking documentation other than from here: http://jasig.github.io/cas/4.1.x/installation/X509-Authentication.html .....or<http://jasig.github.io/cas/4.1.x/installation/X509-Authentication.html%20.....or> is this documentation backward compatible with 3.5.1? 2. Regarding the documentation link above, I'm curious if CRL Fetching Configuration can be setup to utilize OCSP? (anticipating token issued from CA, includes an OCSP responder URL found in X.509 AIA extension OID). Background: Our PKI architects and ops team discourage us to fetch the whole CRL in periodic intervals due to network traffic constraints. Hence, OCSP service is more desirable Please advise. Thanks, Paul Schweitzer -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
