On Sat, Feb 27, 2016 at 10:37 AM, Axon, Allan <[email protected]> wrote:
> This is the configuration I'm using:
>
>
>
> from deployerConfigContext.xml
>
> <bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
>
> <property name="credentialConfig">
>
> <bean class="org.ldaptive.ssl.X509CredentialConfig"
>
> p:trustCertificates="${ldap.trustedCert}" />
>
> </property>
>
> </bean>
>
>
>
> from cas.properties (included is the link to the documentation I'm
> following)
>
> # Putting this in based on example at
> http://jasig.github.io/cas/4.1.x/installation/LDAP-Authentication.html
> (LDAP Requiring Authentication)
>
> #ldap.trustedCert=file:///c:/java/jre7/lib/security/cacerts
>
> ldap.trustedCert=file:///c:/Program
> Files/Java/jdk1.7.0_21/jre/lib/security/cacerts
>
This configuration is for a PEM or DER encoded certificate(s). Use the
following for keystores:
<bean id="sslConfig" class="org.ldaptive.ssl.SslConfig">
<property name="credentialConfig">
<bean class="org.ldaptive.ssl.KeyStoreCredentialConfig"
p:trustStore="..."
p:trustStorePassword="..."
p:trustStoreType="..."
/>
</property>
</bean>
And in your case, using the default cacerts, just remove the entire
SslConfig. Default JVM trust mechanisms will go into effect.
--Daniel Fisher
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
