Bill, Thank you, but I need help understanding a little more. I thought for development purposes this was OK? Is self-signed not the way to go? Is there a way to override this behavior or can I not use a self-signed cert?
Schawn- ________________________________ From: "William G. Thompson, Jr." <[email protected]> To: [email protected] Sent: Friday, January 4, 2013 2:14 PM Subject: Re: [cas-user] SSL error with LDAP On Fri, Jan 4, 2013 at 1:48 PM, Schawn E. Thropp <[email protected]> wrote: > I experienced a wierd error that I need some help with. I have a set up > where I was accessing a production level LDAP server with a specific URL > (setup in my deployerConfigContext.xml). I recently changed the URL to a > development LDAP server and I am know seeing the following error: > > ERROR > [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] > - simple bind failed: <development LDAP server url removed for posting to > forum>; nested exception is javax.naming.CommunicationException: simple bind > failed: [Root exceptin is javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target] > org.springframework.ldap.CommunicationException: simple bind failed; nested > exception. > > Any clues as to what is causing this? Am I missing a certificate in my JRE > cacerts? Yes, looks like you have a self-signed cert on the dev ldap. Bill > > Schawn > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
