Pretty sure this isn't a CAS problem, more of a Tomcat problem, but it's CAS related so someone might have some advice.
We have a CAS server 3.4.5 that is running and a number of CASified applications are running and working fine.

We have a new client app (Liferay 6) that is running on Tomcat 6. On that server we've explicitly added the CAS server's SSL cert to CACerts. The trust shows up in the list and in javax.net.debug=ssl,handshake.

However when this server attempts to validate a CAS ticket it fails with:
TP-Processor3, WRITE: TLSv1 Handshake, length = 73
TP-Processor3, WRITE: SSLv2 client hello message, length = 98
TP-Processor3, received EOFException: error
TP-Processor3, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
TP-Processor3, SEND TLSv1 ALERT:  fatal, description = handshake_failure
TP-Processor3, WRITE: TLSv1 Alert, length = 2
TP-Processor3, called closeSocket()
14:36:10,091 ERROR [CommonUtils:294] Remote host closed connection during handshake
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:808)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)
at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl.getInputStream(HttpsURLConnectionOldImpl.java:204)

We have the CACERT set in the server.xml as the truststore and, as I said, the CAS server's cert is showing up in the "adding as trusted cert" list.

I'm not as familiar with Tomcat as I am with JBoss, so if anyone has a suggestion as to why this is failing it would be a huge help.


Andrew Tillinghast
Sr. Web Developer
270 Mohegan Avenue
New London, CT 06320-4196
Ph: 860 439-5265 Fax: 860 439-2871