hi marvin, okay ? Lets get this straight. I have to do these steps here?
When All Else Fails "If you have read, understood, and tried all the troubleshooting tips on this page and continue to have problems, please perform an SSL trace and attach it to a posting to the [email protected] mailing list. An SSL trace is written to STDOUT when the following system property is set, javax.net.debug=ssl. An example follows of how to do this in the Tomcat servlet container. Sample setenv.sh Tomcat Script" Where can I find this file? I did not find it in tomcat, I really missed. I need to make these settings? Where? Thanks for responding. On Wed, Jul 28, 2010 at 3:30 PM, Marvin Addison <[email protected]>wrote: > > java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: > > sun.security.validator.ValidatorException: PKIX path building failed: > > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find > > valid certification path to requested target > > The problem is that the JVM _system_ truststore used by the CAS client > validator (which is called from Spring Security) does not trust your > CAS server certificate. Note that the truststore line in your tomcat > server.xml has no effect on the _system_ truststore and should be > omitted. The following attempts to install your self-signed cert into > the default system truststore: > > > C:\Program Files\Java\jdk1.6.0_20\bin>keytool -import -file server.crt > > -keypass changeit -keystore ..\jre\lib\security\cacerts > > The above _should_ work if that's the same JVM used by Tomcat and you > haven't customized your system truststore path by setting > javax.net.ssl.trustStore. The best thing to do at this point is an > SSL trace and post the output here; see the last section of > > https://wiki.jasig.org/display/CASUM/SSL+Troubleshooting+and+Reference+Guide > for instructions. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- Handerson Frota CEO Triadworks - www.triadworks.com.br www.handersonfrota.com.br Coordenador da JavaCE - www.javace.org -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
