We are using self signed certificates. We have about 15 ad servers. A 
certificate is distributed for our ad domain. We placed this in the 
certificate store for the cas server however this was not enough I had to 
grab the certificate on the ad server we are using at the moment because 
the domain name had to match. This seems to be a new requirement for cas 
server 4.0. I suppose it could be the new version of java (1.7) causing the 
requirement. On cas version 3.5 only the distributed certificate was 
required.

Our goal would be to put an F5 load balancer in front of the ad servers for 
cas to reference for ldap. But this could be a problem if we have to grab 
the certificate off of each ad servers. Has anybody run across this before? 
Did you find a remedy?

Thanks for any help.
Jim

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to