Jean, Trusting all certificates reduces the security of system. That certificate is supposed to be doing the work of authenticating the CAS server to your application. If you trust all certificates, then the Adversary has an easier time impersonating your CAS server, say by using his very own self-signed SSL certificate in the name of your CAS server.
Installing the public key of your CAS server's SSL cert into your .NET application runtime environment, or using a commercially-vended SSL certificate, are each options that leave the assurances SSL is trying to provide intact. Andrew > Hi Sebastian, > > thanks. I found the issue ... It seems that ASP was not handling or > accepting the Certficate. I got some nice info on : > http://weblogs.asp.net/jan/archive/2003/12/04/41154.aspx > > I have added this piece of code before requesting the TICKET: > ServicePointManager.CertificatePolicy = new TrustAllCertificatePolicy(); > > Which is calling to the class below. > > saludos, > > Jean > > p.s.: (I do speak spanish) > > public class TrustAllCertificatePolicy : System.Net.ICertificatePolicy > { > private const string TRUSTED_CERTIFIED = > "PUT_HERE_THE_ISSUER_OF_THE_CERTIFICATE_OR_ANY_OTHER_RULE"; > > public TrustAllCertificatePolicy() { } > public bool CheckValidationResult(ServicePoint sp, > X509Certificate cert, WebRequest req, int problem) > { > return false; > if (cert.Issuer == TRUSTED_CERTIFIED) > return true; > else > return false; > } > } > > On 5/25/07, Sebastian Stranieri <[EMAIL PROTECTED]> wrote: > >> If you want to install a SSL Certificate try with the ISS6 Resource Kit, >> tool SELFSSL. >> >> Regards >> >> Sebastian >> PD: Anyone talk in spanish here? >> >> >> _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
