The client needs to be configured to accept the certificate that’s used by the cas server it’s connecting to: $cas_host and $cas_port in the example.
Generally you will want to configure it with the Certificate Authority (CA) certificate of the authority that issued the certificate, not the individual host certificate. You can see the whole certificate chain of an ssl server using the OpenSSL “s_client” command line tool: openssl s_client -connect login.myschool.edu:443 -showcerts -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/14318b7c-551c-41ef-a270-769f26511264%40apereo.org.