The CAS-login works fine, but when I get redirected back to my apache after logging in, I get: "Could not perform SSL handshake with example.casserver.com (check CASCertificatePath)".
I would recommend turning up logging. mod_auth_cas uses curl under the hood, and it should log details about the certificate it's having trouble with.
I checked CASCertificatePath, and I verified it points to the correct certificate(certificate of the CAS-server).
Additional logging should help verify or refute that statement.
keytool -genkey -keyalg "RSA" -dname Is this the problem?
Nothing wrong there.
Does mod_auth_cas require the certificate to be CA-signed, for instance by creating my own CA for the network using TinyCA2?
There are no particular issuer requirements on certificates used by CAS components. Strictly speaking, the SSL machinery is controlled by libraries (Java on the server side, libssl on the Apache/mod_auth_cas side) outside CAS.
Or is a normal self signed ceritificate ernough?
That will work fine when configured properly, but it's uncommon to use for anything other than initial setup and testing.
M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
