Re: [cas-user] Question about install CAS in JBoss behind Apache

[Raymond Cheng - ITD]

Hi, Thanks for your reply. I am interested in your wording "fully-qualified hostname". I am using a wildcard certificate now. Is it a problem? CN = *.<some domain>.com This is a flow to do the login via CAS. Is it helpful? 1) user access CAS management UI by hostname using HTTPS 2) Apache redirect the request to CAS by IP (multiple server behind Apache) 3) CAS reply Apache (CertificateException) 4) Apache reply user and error message displayed in web browser Regards, Raymond Marvin Addison 提到: Is there any reference website/document to talk about this environment setup? No. There's no officially supported servlet container, but many of the install/configuration documents on the CASUM wiki assume Tomcat. URL: https://<server hostname>/cas/services CAS server log: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching <server hostname> found. That error can happen when you're connecting to a host by IP address or "localhost", yet the CN of the server certificate has the fully-qualified hostname. Review the cas.properties file to ensure you're using a fully-qualified hostname. The property of interest: # Services Management Web UI Security server.name=http://localhost:8080 M ______________________________________________________________________ http://www.egltours.com/promotion This message (and any attachments) may contain information that is confidential,proprietary,privileged or otherwise protected by law.The message is intended solely for the named addressee (or a person responsible for delivering it to the addressee).If you are not the intended recipient of this message, you are not authorized to read, print, retain , copy or disseminate this message or any part of it.If you have received this message in error, please destroy the message or delete it from your system immediately and notify the sender. -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user