Maybe I'm missing something here so forgive my possibly stupid issue :-)
I'm actually calling the logout entrypoint directly from the browser, to
test it, entering https://myserver/cas-server-webapp-3.3.3/logout.
There's no application involved. Isn't it supposed to work anyway?
Giuseppe
Scott Battaglia wrote:
What you're seeing is CAS trying to call back to your services to let
them know that the CAS session ended. One of the endpoints for your
applications has a certificate that disagrees with CAS :-)
On Wed, Jan 20, 2010 at 6:07 AM, Giuseppe Sollazzo
<[email protected] <mailto:[email protected]>> wrote:
Hi everyone,
I've got a seemingly working install of CAS on Moodle now, after
solving some issues with phpCAS.
Nonetheless I get an exception when using logout from CAS,
invoking https://myserver/cas-server-webapp-3.3.3/logout
I guess this is related to using phpCAS::setNoCasServerValidation()?
Thanks,
Giuseppe
2010-01-20 10:55:49,626 ERROR [org.jasig.cas.util.HttpClient] -
<javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path validation
failed: java.security.cert.CertPathValidatorException: basic
constraints check failed: pathLenConstraint violated - this cert
must be the last cert in the certification path>
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path validation
failed: java.security.cert.CertPathValidatorException: basic
constraints check failed: pathLenConstraint violated - this cert
must be the last cert in the certification path
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown
Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown
Source)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown
Source)
at
sun.net.www.protocol.http.HttpURLConnection.followRedirect(Unknown
Source)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown
Source)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown
Source)
at
org.jasig.cas.util.HttpClient$MessageSender.call(HttpClient.java:200)
at
org.jasig.cas.util.HttpClient$MessageSender.call(HttpClient.java:160)
at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
Source)
at java.lang.Thread.run(Unknown Source)
Caused by: sun.security.validator.ValidatorException: PKIX path
validation failed: java.security.cert.CertPathValidatorException:
basic constraints check failed: pathLenConstraint violated - this
cert must be the last cert in the certification path
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown
Source)
at sun.security.validator.Validator.validate(Unknown Source)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown
Source)
... 20 more
Caused by: java.security.cert.CertPathValidatorException: basic
constraints check failed: pathLenConstraint violated - this cert
must be the last cert in the certification path
at
sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown
Source)
at
sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown
Source)
at
sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown
Source)
at java.security.cert.CertPathValidator.validate(Unknown Source)
... 27 more
--
Giuseppe Sollazzo
Systems Developer / Administrator
Computing Services
St. George's, University of London
--
You are currently subscribed to [email protected]
<mailto:[email protected]> as: [email protected]
<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
Giuseppe Sollazzo
Systems Developer / Administrator
Computing Services
St. George's, University of London
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
