> I get this exception when I do so - > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException
You need to import the SSL certificate of the AD server into the system keystore of the CAS server. http://www.ja-sig.org/wiki/display/CAS/Solving+SSL+issues might be a helpful resource if you are new to Java keystores and SSL trust problems in Java. > is it possible to run CAS without SSL if I > have to? is there a workaround for my current situation? CAS MUST be run over SSL for proper security. While it's technically possible to run CAS over plain http, we _strongly_ recommend against it. Run without SSL at your own risk. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
