Hello, i am apologizing beforehand for a lengthy message. I am having trouble generating proxy tickets following this tutorial:
https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough. Heres my scenario: my cas server link is this: https://192.168.1.242:8443/cas link of my web service using cas is: https://192.168.2.95/cgi-bin/koha/opac-user.pl while trying out the cas proxy tutorial, i executed the following link for getting back a validated pgt: https://192.168.1.242:8443/cas/serviceValidate?ticket=ST-1-D5AfJ2wXKGW7boxQqdcD-cas&service=https://192.168.2.95/cgi-bin/koha/opac-user.pl&pgtUrl=https://192.168.1.242:8443/test.html and the return xml gives me a successful authentication with only the user name but i could not find any PGT with it. i traced back the cas.log file and i found the following error(part of the log is given in the following and the complete log is attached): 2011-12-20 12:33:03,817 ERROR [org.jasig.cas.util.HttpClient] - java.security.cert.CertificateException: No subject alternative names present javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1639) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:215) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:209) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1033) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:146) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:546) at sun.security.ssl.Handshaker.process_record(Handshaker.java:482) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:904) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1140) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1167) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1151) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:423) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153) at org.jasig.cas.util.HttpClient.isValidEndPoint_aroundBody4(HttpClient.java:109) at org.jasig.cas.util.HttpClient.isValidEndPoint_aroundBody5$advice(HttpClient.java:44) at org.jasig.cas.util.HttpClient.isValidEndPoint(HttpClient.java:1) ---- apart from the above error everything else is working fine. now my queries are: -> are there any extra configurations i need to make for receiving back the PGTs? - > the callback url (pgtUrl=https://192.168.1.242:8443/test.html) i am using, is there anything wrong with it or does it have to be something specific? i did add my cas server certificate to the cas server's jvm, so that the call back url does not fail authenticating but still i am getting the error. I am using cas server 3.4.11 and i am testing these setups using local ip. Any help will be greatly appreciated. Thank you. -- Auninda Rumy Saleque Asst. System Programmer Ayesha Abed Library BRAC University Dhaka, Bangladesh -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
cas.log
Description: Binary data
