Zitat von Marvin Addison <[email protected]>:
Since I'm not sure how exactly the SSL handshaking works, would I see such a
request in the Apache logs even if the request fails due to problems with
the HTTPS certificate?
The SSL handshake happens below the application layer where HTTP
requests occur, so you would not see the request in the Apache logs on
the PHP side.
And furthermore: how can I configure CAS to get me some debug output about
what it is doing?
SSL trust problems are pretty visible in CAS server logs. You'll see
a big stack trace ending in exceptions in the javax.net.ssl package.
Do you have server logging configured correctly? Even if you don't
have log4j logging correctly configured, you should see the stack
traces in the log that captures stdout for the Java process, which is
catalina.out by default in Tomcat.
Thanks, that's it. "unable to find valid certification path to
requested target". Can I tell Tomcat/CAS to not validate certs, or do
I really have import that CA cert somewhere? This is a development
server, so I don't really care about the cert chain being valid or not.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
