Hello, I am using CAS on development server and soon I'll be shifting to production. I am using mod_auth_cas as client and I am running CAS server and CAS Client in same machine. Should I create certificates for both tomcat(CAS Server) and apache(CAS Client) or only tomcat(keystore) is fine?
In mod_auth_cas which certificates does this *CASCertificatePath* refer to? How do I create self signed certificates for both CAS Server and CAS Client? It would be helpful if someone clarify me on this. On Tue, Feb 6, 2018 at 7:21 PM, Ramakrishna G <[email protected]> wrote: > Yes. I am just using at my development server. When releasing to > production I'll get a valid SSL Certificate. > > Thanks > Ramakrishna G > > On Tue, Feb 6, 2018 at 6:36 PM, Man H <[email protected]> wrote: > >> There is a potential security risk in doing this . >> CA's needs SSL in order to function safely with SSO. >> >> >> El martes, 6 de febrero de 2018, Ramakrishna G <[email protected]> escribió: >> >>> Hi Mukunthini Jeyakumar, >>> >>> To resolve this error you need have a valid SSL certificate signed by >>> CA. If you don't have you can just disable SSL in cas.properties file. >>> >>> server.ssl.enabled= false >>> cas.serviceRegistry.initFromJson=true >>> cas.serviceRegistry.config.location: file:/etc/cas/services >>> >>> in somename.json inside /etc/cas/services folder >>> >>> { >>> "@class": "org.apereo.cas.services.RegexRegisteredService", >>> "serviceId": "^(*http|*https|imaps)://.*", >>> "name": "HTTPS/IMAPS wildcard", >>> "id": 20170905111650, >>> "evaluationOrder": 99999 >>> } >>> and enable http in services. Also comment all CASValidateSAML in client >>> side. Now you are good to access over http which will solve the problem. >>> >>> Thanks >>> Ramakrishna >>> >>> On Tue, Feb 6, 2018 at 12:21 AM, Mukunthini Jeyakumar < >>> [email protected]> wrote: >>> >>>> Hi Ramakrishna, >>>> >>>> have you find the way to resolve the issue? I'm having the same >>>> >>>> Thanks >>>> Thini >>>> Other recipients: >>>> Ramakrishna, Perhaps there is something not right with your client >>>> application config? Is it running on https://192.168.111.118:8443 or >>>> is that CAS? Multiple service tickets in the URL suggests that the request >>>> is being redirected to CAS multiple >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit https://groups.google.com/a/ap >>>> ereo.org/d/msgid/cas-user/cf0f4046-95d5-40a1-870e-492fca9db3 >>>> fd%40apereo.org >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/cf0f4046-95d5-40a1-870e-492fca9db3fd%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit https://groups.google.com/a/ap >>> ereo.org/d/msgid/cas-user/CAGST5P89Z-F6U161br1ymQ79_V%2BbvyF >>> i5fkSKLx1R%3DX9yOLe1g%40mail.gmail.com >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGST5P89Z-F6U161br1ymQ79_V%2BbvyFi5fkSKLx1R%3DX9yOLe1g%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit https://groups.google.com/a/ap >> ereo.org/d/msgid/cas-user/CAMY5mid7QwWxyMyxH-i2veHJx--cCL71S >> 0fNt-%3DVkdkv%2BRF3nw%40mail.gmail.com >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mid7QwWxyMyxH-i2veHJx--cCL71S0fNt-%3DVkdkv%2BRF3nw%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGST5P9D_p5PrA7NhcKctm59tDdf0adnMQuHGWxH%3DF4wrm4TYw%40mail.gmail.com.
