Here is the localhost certificate that is in your truststore: adding as trusted cert: Subject: CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown Issuer: CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown Algorithm: RSA; Serial number: 0x4b9ac554 Valid from Fri Mar 12 17:51:00 EST 2010 until Thu Jun 10 18:51:00 EDT 2010
Here is the localhost certificate presented by your CAS server: Subject: CN=localhost, OU=Spring Security Sample Applications, O=Spring Security, L=Glasgow, ST=Scotland, C=GB Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 ... Issuer: CN=Spring Security Test CA, OU=Spring Security, O=Spring Framework, L=Glasgow, ST=Scotland, C=GB Clearly these are not the same localhost certificate. In general it's best to add the issuing certificate to the truststore, the CN=Spring Security Test CA certificate in this case. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
