You need to add the self sign certificate in thekeystore file of CAS, also check of the port 636 is open or not. Actually you don't need ldaps for cas authentication. Bellow is my ldap config which works for me. Check whether your ports are open or not.
cas.authn.ldap[0].principalAttributeList =sAMAccountName,cn,givenName,memberOf,userPrincipalName,department,title,distinguishedName cas.authn.ldap[0].collectDnAttribute=false #cas.authn.ldap[0].principalDnAttributeName=sAMAccountName # cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true # cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true #cas.authn.ldap[0].credentialCriteria= cas.authn.ldap[0].ldapUrl=ldap://myldap:389 cas.authn.ldap[0].bindDn=CN=myldapadmin,OU=admin,DC=example,DC=edu cas.authn.ldap[0].bindCredential=mypass cas.authn.ldap[0].minPoolSize=3 cas.authn.ldap[0].maxPoolSize=10 cas.authn.ldap[0].validateOnCheckout=true cas.authn.ldap[0].validatePeriodically=true cas.authn.ldap[0].validatePeriod=600 #cas.authn.ldap[0].validateTimeout=PT5S cas.authn.ldap[0].failFast=true # cas.authn.ldap[0].idleTime=PT10M # cas.authn.ldap[0].prunePeriod=PT2H # cas.authn.ldap[0].blockWaitTime=PT3S cas.authn.ldap[0].useSsl=false cas.authn.ldap[0].useStartTls=false #cas.authn.ldap[0].responseTimeout=PT5S cas.authn.ldap[0].allowMultipleDns=false #cas.authn.ldap[0].name= cas.authn.ldap[0].type=AUTHENTICATED cas.authn.ldap[0].baseDn=DC=example,DC=edu cas.authn.ldap[0].subtreeSearch=true cas.authn.ldap[0].searchFilter=sAMAccountName={user} cas.authn.ldap[0].enhanceWithEntryResolver=true #cas.authn.ldap[0].derefAliases=NEVER|SEARCHING|FINDING|ALWAYS cas.authn.ldap[0].dnFormat=uid=%s,DC=example,DC=edu #cas.authn.ldap[0].principalAttributePassword= cas.authn.ldap[0].followReferrals=false cas.authn.ldap[0].hostnameVerifier=ANY On Fri, Jul 12, 2019 at 2:54 PM Alex Samosir <[email protected]> wrote: > Yes. Because Its in my local PC. > > On Friday, July 12, 2019 at 8:03:24 AM UTC+7, casuser wrote: >> >> Are you using a self signed certificate? >> >> >> On Fri, Jul 12, 2019 at 12:12 AM Alex Samosir <[email protected]> >> wrote: >> >>> Im trying to connect CAS with my LDAP Server. And im following The New >>> School Tutorial by the way. >>> But its no luck >>> Im facing this error >>> >>> [image: ldaps.png] >>> >>> >>> >>> Ive already tried that configuration with my LDAP Browser >>> And its success and connected >>> >>> >>> [image: ldap browser.png] >>> >>> [image: LDAP BROWSER SUCCESS.png] >>> here is my cas.properties >>> >>> cas.authn.ldap[0].order: 0 >>> cas.authn.ldap[0].name: LDAP >>> cas.authn.ldap[0].type: AUTHENTICATED >>> cas.authn.ldap[0].ldapUrl: ldaps://10.2.2.64 >>> cas.authn.ldap[0].validatePeriod: 270 >>> #cas.authn.ldap[0].poolPassivator: BIND >>> cas.authn.ldap[0].searchFilter: cn={user} >>> cas.authn.ldap[0].baseDn: >>> cn=Users,DC=app,DC=lkpp,DC=go,DC=id >>> #cas.authn.ldap[0].dnFormat: >>> cn=%s,CN=Users,DC=app,DC=lkpp,DC=go,DC=id >>> >>> cas.authn.ldap[0].bindDn:cn=Administrator,cn=Users,dc=app,dc=lkpp,dc=go,dc=id >>> cas.authn.ldap[0].bindCredential:**************** >>> >>> any suggestion what I did wrong? >>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/17449e07-16ac-4650-8b38-9008603a15de%40apereo.org >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/17449e07-16ac-4650-8b38-9008603a15de%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> >> >> -- >> -Fazla. >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/79e4a05b-07ab-4ca6-abae-ca5095edd10a%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/79e4a05b-07ab-4ca6-abae-ca5095edd10a%40apereo.org?utm_medium=email&utm_source=footer> > . > -- -Fazla. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAG9J-Y2J15WpH9Qtssg1uFgNdthy%2B%2BW2z9Si--n4yGpYBKsXuQ%40mail.gmail.com.
