3) Tomcat's server.xml pointed to the correct keystore file This is a common point of confusion. The keystore specified in server.xml has nothing whatever to do with connections made by Java classes like UrlConnection. The latter use the _system_ keystore in $JAVA_HOME/jre/lib/security/ > > cacerts. The system keystore you can be > customized using the javax.net.ssl.keyStore and related system > properties when starting the JVM hosting an application.
But the Tomcat documentation does not mention that. It just specified that edit your server.xml to point to the keystore that you just created which holds the self signed certificate for the user. Am I missing something here? On Tue, Jul 21, 2009 at 1:19 PM, Marvin Addison <[email protected]>wrote: > > 3) Tomcat's server.xml pointed to the correct keystore file > > This is a common point of confusion. The keystore specified in > server.xml has nothing whatever to do with connections made by Java > classes like UrlConnection. The latter use the _system_ keystore in > $JAVA_HOME/jre/lib/security/cacerts. The system keystore you can be > customized using the javax.net.ssl.keyStore and related system > properties when starting the JVM hosting an application. > > > So my question is, is the JDK update responsible for this error ? > > Probably. The JDK update likely deleted the cacerts file you had been > using that contained the trusted cert entries needed by CAS. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- Kavita Tipnis -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
