On Sun, 16 Nov 2014, Alexandre Adao wrote:
Hello everyone,
I am being running CAS 3.4.10 with no problem, until I change the SSL Cert
SHA-2. I just installed SSL Certificate SHA-2 from GoDaddy successfully.
The Apache Tomcat 7.0 runs perfectly with the new SHA-2 certificate.
However, the Ticket Services did not work! Is there any incompatibly with
SHA-2 certificate. I had to go back to SHA-1 SSL Cert to get it work. See
the error bellow and please advise.
Error 500--Internal Server Error
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: General
SSLEngine problem
...
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
...
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
...
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target
...
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:320)
... 41 more
The root error looks like the error you get when the Root CA cert is not
trusted in the client Java program's certificate database. Perhaps the
new GoDaddy SHA-2 certificate has a new, different Root CA that is not in
your jre/lib/security/cacerts database?
Andy
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
