I've installed CAS 3.5.2 and modified the deployerConfigContext.xml to use the bind authenticator against a novell eDirectory that is running LDAPS on the standard 636 port.
I'm getting the very common "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target" which I've dealt with successfully with all sorts of a java / tomcat apps in the past. Maybe it is just Monday and I'm missing something simple, but I assumed I would just use 'openssl s_client -connect ldap.domain.edu:636', grab the ldaps cert, import it into the keystore that my tomcat/cas is using (with the trustcacerts option) and it would solve the problem. It didn't. All of this is in development and using self-signed certs. I enabled more verbose ssl logging as suggested at the end of this page: https://wiki.jasig.org/display/CASUM/SSL+Troubleshooting+and+Reference+Guide which I can attach if you think it would help. Nothing stood out to me. thanks, Jason -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
