Same certification validation error after successful keystore creation and import to cacerts
C:\>C:\"Program Files"\Java\jdk1.5.0_11\bin\keytool -genkey -alias tomcat -keyalg RSA -validity 365
Enter keystore password: changeit
What is your first and last name?
[Unknown]: IT-2208 IT-2208
What is the name of your organizational unit?
[Unknown]: talkerman
What is the name of your organization?
[Unknown]: talkerman
What is the name of your City or Locality?
[Unknown]: hills
What is the name of your State or Province?
[Unknown]: {A
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=IT-2208 IT-2208, OU=talkerman, O=talkerman, L=hills, ST={A, C=US correct?
[no]: y
Enter key password for <tomcat>
(RETURN if same as keystore password):
C:\>C:\"Program Files"\Java\jdk1.5.0_11\bin\keytool -export -alias tomcat -file server.crt
Enter keystore password: changeit
Certificate stored in file <server.crt>
C:\>C:\"Program Files"\Java\jdk1.5.0_11\bin\keytool -import -file server.crt -keystore C:/"Program Files"/Java/jdk1.5.0_11/jre/lib/security/cacerts
Enter keystore password: changeit
Owner: CN=IT-2208 IT-2208, OU=talkerman, O=talkerman, L=hills, ST={A, C=US
Issuer: CN=IT-2208 IT-2208, OU=talkerman, O=talkerman, L=hills, ST={A, C=US
Serial number: 45dc6729
Valid from: Wed Feb 21 10:37:13 EST 2007 until: Thu Feb 21 10:37:13 EST 2008
Certificate fingerprints:
MD5: 4F:7D:A0:F3:18:3B:6A:74:41:85:65:05:CD:0F:AF:AE
SHA1: AD:5B:61:62:0C:D5:32:00:91:03:20:1A:77:4D:C2:AB:B2:7D:94:35
Trust this certificate? [no]: y
Certificate was added to keystore
==============================================================================================
After this I changed the application-Security.xml
casAuthenticationProvider bean key value to
<property name="key" value="changeit"/>
Then the Tomcat connector config (in server.xml) is now
<Connector port="8443" maxHttpHeaderSize="8192"
    maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
    enableLookups="false" disableUploadTimeout="true"
    acceptCount="100" scheme="https" secure="true"
    clientAuth="false"
    keystoreFile="C:\Documents and Settings\myname\.keystore"
    keystorePass="changeit" sslProtocol="TLS"
/>
Deployed and started Tomcat.
This is the log:
INFO [http-8443-Processor24] AuthenticationManagerImpl.authenticate(88) | AuthenticationHandler: org.acegisecurity.adapters.cas3.CasAuthenticationHandler successfully authenticated the user.
INFO [http-8443-Processor24] CentralAuthenticationServiceImpl.grantServiceTicket(167) | Granted service ticket [ST-2-XJguyqMPCmiTVlUJ6tNbQMcYzFX6bKXWvew-20] for service [https://IT-2208:8443/myapp/j_acegi_cas_security_check] for user [admin]
WARN [http-8443-Processor23] LoggerListener.onApplicationEvent(55) | Authentication event AuthenticationFailureServiceExceptionEvent: _cas_stateful_; details: [EMAIL PROTECTED]: RemoteIpAddress: 10.22.2.148; SessionId: null; exception: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas