> Have a new Client app (Liferay 6) that is running on Tomcat 6 on the server > we've explicitly added the CAS server's ssl cert to CACerts. the trust shows > up in list and in javax.net.debug=ssl,handshake > However when this server attempts to validate a CAS ticket it fails with: > TP-Processor3, WRITE: TLSv1 Handshake, length = 73 > TP-Processor3, WRITE: SSLv2 client hello message, length = 98 > TP-Processor3, received EOFException: error > TP-Processor3, handling exception: javax.net.ssl.SSLHandshakeException: > Remote host closed connection during handshake
It makes sense that it's a certificate trust problem on the client since it dies right after the client hello, which is followed by the serverhello where the server certificate is sent to the client. A client-side (Liferay) trace would be more helpful in diagnosing your problem. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
