They responded they are not using TLS session tickets, not to their knowledge.
Sent with BlackBerry Work (www.blackberry.com) ________________________________ From: Mark Thomas <ma...@apache.org> Sent: Feb 6, 2021 2:39 AM To: users@tomcat.apache.org Subject: Re: Tomcat end-point Client certificate issue On 05/02/2021 22:47, jonmcalexan...@wellsfargo.com.INVALID wrote: > Hey everybody, > > Anyone run into an error or warning like this before? App team is using > Tomcat 9.0.37. > > <Redacted some info in warning> > > [05/02/2021 14:34:14:702 ] [] WARN > com.xxxxxxxx.xxxx.xxxxxxx.SearchCriteriaEnhancedController > SearchCriteriaEnhancedAction::actionExecute CAS Query WS returned Fault. > Details: FaultCode='Server.InternalError' FaultReasonText='Unable to CAAPI > validate certificate - array null' FaultActor='1CAV' AdviceText='null' > FaultSubcode='null' > TechnicalText='org.apache.commons.httpclient.auth.AuthenticationException: > Unable to CAAPI validate certificate - array null' Severity='ERROR' > FaultType='SYSTEM' EmbeddedException='null' If this is an error message logged on Tomcat from a CAS installation that failed to validate a client certificate I'd guess that the client certificate chain wasn't available. Maybe because TLS session tickets were being used? Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org