Hi,
I'm trying to implement CAS based authentication against
https://login.hostsharing.net.
Eventhough there don't seem to be any issues among the certificate,
openssl s_client -CApath /etc/ssl/certs/
-connect login.hostsharing.net:443
[...]Verify return code: 0 (ok)[...]
mod_auth_cas comslains:
MOD_AUTH_CAS:
Certificate CN does not match login.hostsharing.net
My configuration looks like:
CASVersion 2
CASDebug On
CASValidateServer On
CASValidateDepth 9
CASAllowWildcardCert On
CASCertificatePath /etc/ssl/certs/
CASLoginURL https://login.hostsharing.net/cas/login
CASValidateURL https://login.hostsharing.net/cas/serviceValidate
CASCookieEntropy 32
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASTimeout 600
CASIdleTimeout 300
CASCacheCleanInterval 900
AuthType CAS
Require valid-user
I tried several modifications without any improvement.
What's wrong with my setup? (Debian Package Version 1.0.8-3)
Note:
I tried to debug mod_auth_cas and figured out that the invocation of
X509_verify_cert(xctx) returns an result which lets check_cert_cn return
FALSE immediately.
Thanks in advance
Michael
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
