We are using self signed certificates. We have about 15 ad servers. A certificate is distributed for our ad domain. We placed this in the certificate store for the cas server however this was not enough I had to grab the certificate on the ad server we are using at the moment because the domain name had to match. This seems to be a new requirement for cas server 4.0. I suppose it could be the new version of java (1.7) causing the requirement. On cas version 3.5 only the distributed certificate was required.
Our goal would be to put an F5 load balancer in front of the ad servers for cas to reference for ldap. But this could be a problem if we have to grab the certificate off of each ad servers. Has anybody run across this before? Did you find a remedy? Thanks for any help. Jim -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
