Yes.  I understand the distinction...I was typing quickly :)

I do get an error in my cas-management log about ssl  - but my regular 
/cas/login link loads just fine (self signed cert on this particular server)

Caused by: sun.security.validator.ValidatorException: PKIX path building 
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable 
to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) 
~[?:1.8.0_171]
at 
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) 
~[?:1.8.0_171]
at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
 
~[?:1.8.0_171]
at 
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61)
 
~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68)
 
~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37)
 
~[pac4j-cas-2.2.0.jar:?]
at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44) 
~[pac4j-core-2.2.0.jar:?]
at 
org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113)
 
~[pac4j-core-2.2.0.jar:?]
... 72 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: 
unable to find valid certification path to requested target
at 
sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
 
~[?:1.8.0_171]
at 
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
 
~[?:1.8.0_171]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) 
~[?:1.8.0_171]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) 
~[?:1.8.0_171]
at 
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) 
~[?:1.8.0_171]
at sun.security.validator.Validator.validate(Validator.java:260) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
 
~[?:1.8.0_171]
at 
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) 
~[?:1.8.0_171]
at 
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) 
~[?:1.8.0_171]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) 
~[?:1.8.0_171]
at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) 
~[?:1.8.0_171]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
 
~[?:1.8.0_171]
at 
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
 
~[?:1.8.0_171]
at 
org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193)
 
~[cas-client-core-3.4.1.jar:3.4.1]
at 
org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61)
 
~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68)
 
~[pac4j-cas-2.2.0.jar:?]
at 
org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37)
 
~[pac4j-cas-2.2.0.jar:?]
at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44) 
~[pac4j-core-2.2.0.jar:?]
at 
org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113)
 
~[pac4j-core-2.2.0.jar:?]


On Thursday, May 17, 2018 at 4:16:06 PM UTC-4, rbon wrote:
>
> Jen,
>
> I think you mean a cas-management error and not 'CAS error'.
> Are CAS and cas-management running on the same tomcat?
> Logging config for cas-management is in log4j2-management.xml which also 
> introduces cas-management.log.
>
> Ray
>
> On Thu, 2018-05-17 at 12:55 -0700, Jennifer LaVoie wrote:
>
>
> nothing helpful in cas.log or catalina.out that I can see 
>
> it seems to be CAS error because the leaf is on the tab and above the 
> error that I posted it says
>
> Cas Service Management
>
> Jen
>
> On Thursday, May 17, 2018 at 3:44:27 PM UTC-4, David Curry wrote: 
>
> Haven't seen that one, that I can recall.
>
> Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error? 
>
> Do the logs (cas.log and/or catalina.out) say anything helpful?
>
>
>
> --
>
> DAVID A. CURRY, CISSP
> *DIRECTOR OF INFORMATION SECURITY*
> INFORMATION TECHNOLOGY
>
> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>
> [image: The New School]
>
> On Thu, May 17, 2018 at 3:40 PM, Jennifer LaVoie <nixge...@gmail.com> 
> wrote:
>
> I updated the management.properties file with some ports specifically 
> defined.  And that is now working as expected... 
>
> However, I get this
>
> The CAS management webapp is unavailable. 
>
> There was an error trying to complete your request. Please notify your 
> support desk or try again.
>
>
>
>
>
> On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote: 
>
> So I have followed all the steps here 
>
>
> https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html
>
> (awesome site)
>
> And when I try to go to 
>
> https://cashost:8443/cas-management
>
> I am redirected to here
>
>
> https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html
>
> I have already logged into my cas.
>
> What config file have I forgotten to change?
>
> Jen
>
> -- 
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> --- 
> You received this message because you are subscribed to the Google Groups 
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to cas-user+u...@apereo.org.
> To view this discussion on the web visit 
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org
>  
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org?utm_medium=email&utm_source=footer>
> .
>
>
>
> -- 
> Ray Bon
> Programmer analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | rb...@uvic.ca <javascript:>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/0ea63b46-e684-4b97-9114-9fe576d81785%40apereo.org.

Reply via email to