Hm, at the surface level, that should work. Is upgrading an option? If curl to that URL works, the newer versions of the module use libcurl so that would fix it (and you'd get a host of other fixes too).
-Phil On Mon, Sep 26, 2011 at 1:43 PM, Joel Goguen <[email protected]> wrote: > I'm having trouble getting Apache 2.2.3 with mod_auth_cas 1.0.8.1 (RHEL5) > to authenticate users where the service uses a wildcard certificate. I saw > https://issues.jasig.org/browse/MAS-5 where a fix was included to allow > the CASAllowWildcardCert directive at the server/vhost level, but it's not > working as expected. > > If I set CASAllowWildcardCert to an invalid value, an appropriate complaint > is logged, but no matter whether I set it to "Off" or "On" the SSL error log > says: "MOD_AUTH_CAS: Certificate CN does not match cas.its.unb.ca". The > wildcard certificate is for *.its.unb.ca and is signed by a legitimate > certificate authority. Not DigiNotar :) Setting CASValidateServer to "Off" > makes everything work, but this is obviously a solution I would prefer to > avoid. > > Is there something I'm missing? Everything worked fine before we used the > wildcard certificate and other clients not using mod_auth_cas are perfectly > happy. > > -- > Joel Goguen > Developer > Enterprise Solutions > Integrated Technology Services > University of New Brunswick > E-mail: [email protected] > Phone: (506) 453-4872 > Fax: (506) 453-3590 > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
