> Since we are running our CAS server on a "red box" (i.e. test machine) my > boss has no desire to get a valid cert for it.
Just want to reiterate that you can make _any_ certificate appear valid to Java as long as the issuer is trusted. That means the issuer certificate must be in the system truststore, $JAVA_HOME/jre/lib/security/cacerts by default. (And it is only a default; you can use any key/truststore you want using system properties to specify the path.) If it's a self-signed cert, you just import the cert itself (subject == issuer for self-signed cert) into the truststore you're using. Don't let SSL trust issues stop you from testing. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
