I'm running CAS authentication on one server, and a website that is to be secured on a seperate server on my local network.
When I ran both CAS and Apache on the same server, they worked fine. When I separated them to two different physical hosts, they don't work anymore. The CAS-login works fine, but when I get redirected back to my apache after logging in, I get: "Could not perform SSL handshake with example.casserver.com (check CASCertificatePath)". I checked CASCertificatePath, and I verified it points to the correct certificate(certificate of the CAS-server). I obtain the certificate by copying it from the cas-host to the apache-host, and I verified that the file is readable, and that the url resolves and is correct. I set "CASValidateServer Off" Anyone know what might be wrong? Since I'm only doing this within a confined local network, there is no point in involving the CA's, so the certificate used by the CAS-server is a simple self signed certificate made by the jdk-tool: keytool -genkey -keyalg "RSA" -dname Is this the problem? Does mod_auth_cas require the certificate to be CA-signed, for instance by creating my own CA for the network using TinyCA2? Or is a normal self signed ceritificate enough? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
