Take a look at: http://www.ja-sig.org/products/cas/server/ssl/index.html
It looks like your client application's JVM doesn't trust your CAS server's certificate and it needs to be added to the JVM's cacerts file. -Scott Noel Sebastien (BIL) wrote: > I am newbie to CAS. I am using CAS 3 on Tomcat 5 under Eclipse > (MyEclipse) with Java sdk 1.4.2_02. > It works fine until I type the password to the CAS login page, then it > redirect to the service caller (https:...) and display the following > error : > > javax.servlet.ServletException: > sun.security.validator.ValidatorException: No trusted certificate found > > edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilt > er.java:254) > > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184) > root cause > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: No trusted certificate found > com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) > com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275) > com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275) > sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275) > > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Da > shoA6275) > > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnec > tion.java:617) > > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA6 > 275) > edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:70) > > edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicket > Validator.java:212) > > edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilt > er.java:219) > > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184) > note The full stack trace of the root cause is available in the Apache > Tomcat/5.0.28 logs. > > > Searching the archive I am reviving an old thread ending having the SAME > explanation but with no solution > (http://tp.its.yale.edu/pipermail/cas/2005-May/001241.html ) besides > this thread says a possible way is to look at the link > http://jasigch.princeton.edu:9000/display/CAS/Solving+SSL+issues > But this is a broken link.. Has anyone the solution please ? > I am not sure to understand what is wrong. SSL in the web browser ? SSL > certificate in Tomcat ? Other ? > > Thank you in advance, > > > --------------------- > An electronic message is not binding on its sender. > Any message referring to a binding engagement must be confirmed in writing > and duly signed. > --------------------- > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
