Thanks for the response. The issue got resolved. I have recreated the certificate and added it to keystore and cacerts. Now CAS is working fine. But I dont know why it is not working when I use the CA signed certificate.
Thanks to all for the support. Sreejith ([email protected]) On Thu, May 24, 2012 at 9:13 AM, Misagh Moayyed <[email protected]> wrote: > The certificate you have installed on the Apache server does not honor > the one public IP address. Rather, it should be mapped and issued to the > fully qualified host name of the servers. I suppose that you either have to > obtain certificates for the servers you work with, or another workaround > would be to perhaps opt into using wildcard certs for your domain. > > -Misagh > > > On 5/23/2012 6:56 AM, Sreejith wrote: > > Dear All, > I have seven applications deployed over different instances of tomcat > spanning across 3 servers (roughly two tomcat instances per server). Tomcat I > am using is 7.0.4. I have one public Ip mapped to my appache server using > which I am connecting to all my application and CAS server. All my web > applications are java based and the version of java is 1.7 > > I have got a CA signed certificate which I have installed on all the servers. > After autheticating using cas, I am getting the following exception. Please > help me to sort out the issue. > > java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target > > > org.jasig.cas.client.validation.Saml11TicketValidator.retrieveResponseFromServer(Saml11TicketValidator.java:203) > > > org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:178) > > > org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:132) > > > org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:102) > > > org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:110) > > > in.nic.pes.lgd.common.AuthenticationFilter.doFilter(AuthenticationFilter.java:212) > > > > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
