-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andrew,
I have a self-signed certificate, its for testing purposes. I imported the certificate using keytool -import -file server.crt -keypass pwd -keystore %JAVA_HOME%/jre/lib/security/cacerts I suppose what you meant is not the same... So do I have to install the publik key into %JAVA_HOME%/jre/lib/security/cacerts? best regards Arthur Andrew Petro schrieb: > Arthur, > > It appears your CAS server is using a self-signed SSL certificate. Have > you installed the public key of this certificate into the keystore of > the client JVM so that it knows to trust this SSL certificate and can > successfully https: request to CAS to validate the ticket? > > SSL certificate installation issues are by far the most common cause of > inability to validate the ProxyTicketValidator in the Yale Java CAS Client. > > Andrew > > > > Arthur Erdös wrote: > Hello CAS experts ;) > > finally I made it to get the CAS server deployed in Tomcat and SSL > working... Now I'm facing the next problem when being redirected from > the cas server: > > CASAuthenticationException: Unable to validate ProxyTicketValidator > > I'm testing the HelloWorld Servlet running on the local machine. The cas > server runs on an extern machine. > > server catalina log: > > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > <AuthenticationHandler: > org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler > successfully authenticated the user which provided the following > credentials: uday> > 2008-02-18 18:58:34,389 INFO > [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service > ticket [ST-4-k07YL5mH4zxYbOZccgKf] for service > [http://localhost:8180/servlets-examples/servlet/HelloWorldExample] for > user [uday]> > > client catalina log: > > 18.02.2008 17:10:12 edu.yale.its.tp.cas.client.CASReceipt getReceipt > SCHWERWIEGEND: edu.yale.its.tp.cas.client.CASAuthenticationException: > Unable to validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://secure.bg-server.de:8443/cas/serviceValidate] > ticket=[ST-4-k07YL5mH4zxYbOZccgKf] > service=[http%3A%2F%2Flocalhost%3A8180%2Fservlets-examples%2Fservlet%2FHelloWorldExample] > renew=false]]] > 18.02.2008 17:10:12 edu.yale.its.tp.cas.client.filter.CASFilter doFilter > SCHWERWIEGEND: edu.yale.its.tp.cas.client.CASAuthenticationException: > Unable to validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://secure.bg-server.de:8443/cas/serviceValidate] > ticket=[ST-4-k07YL5mH4zxYbOZccgKf] > service=[http%3A%2F%2Flocalhost%3A8180%2Fservlets-examples%2Fservlet%2FHelloWorldExample] > renew=false]]] > > > anybody an idea what is still missing?? > > thx in advance! _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHuo8rdPoEKckmzw4RAgHCAKCOpX1hlIsLcIywv5nZUwrEgO54pQCfRlGH oDSi+PuWimxOwOanB6cSIFk= =+r8L -----END PGP SIGNATURE----- _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
