Thanks John, I did find the cert that corrected my problem. Thanks for your input however. I will keep it. I am not well versed in certificate at all and am getting better.
One thing I question. Why do I need all this overhead if I have a cert on the web server for all data in and out? Everything else is on an internal network and firewalled from the public. These certs are a hassle. Thank You, Chris Cheltenham SwainTechs / HHS Cell# 267-586-2369 From: John Gasper [mailto:[email protected]] Sent: Monday, January 12, 2015 11:24 AM To: [email protected] Subject: Re: [cas-user] Apache certificate Hi Chris, What's your plan for Apache? Do you have an application hosted on it that you want to protect with CAS? Or, do you want to front Tomcat with Apache by using mod_jk or reverse proxying? Assuming it is the former, If the cert running on Tomcat is not generally trusted (signed by a common CA) it must be exported and added to the keystore used by the CAS-protected/client application. Otherwise when the application makes the backchannel call to Tomcat, the SSL authentication will fail. I hope that helps. John On 1/11/15 10:43 AM, Chris Cheltenham wrote: [cid:[email protected]] Hello, We have apache running on a separate server than CAS. I can get CAS to work from tomcat on the cas sever but I do not understand what certificate I export to apache from the slew of certificates I created. Can anyone explain that? Thank You, Chris Cheltenham SwainTechs / HHS Cell# 267-586-2369 -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
