> However, logout does not work anymore - see the cas log: > > 2010-08-04 14:16:40,419 WARN [org.jasig.cas.util.HttpClient] - Error Sending > message to url endpoint > [https://myserver/appA/j_spring_cas_security_check]. Error is [Received > fatal alert: bad_certificate] > 2010-08-04 14:16:40,431 WARN [org.jasig.cas.util.HttpClient] - Error Sending > message to url endpoint > [https://myserver/appB/j_spring_cas_security_check;jsessionid=B8499A09096BAC4DEAC31722AB7BA96D]. > Error is [Received fatal alert: bad_certificate]
This makes sense: CAS is making a request on port 443 which requires client authentication, but the CAS server is not configured to send a client certificate. You have 3 potential solutions: 1. Configure the CAS server to send a client certificate acceptable to your clients (not recommended) 2. Set clientAuth="want" to make client authentication optional 3. Configure your client applications such that they provide a service URL to the port that does not require client auth. At logout time CAS will call back to whatever URL was provided in the service parameter to ticket validation. M -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
