You must 1) be sure about Tomcat+SSL 2) be sure on creating certificate for cas and tomcat (...) 3) look at web.xml for right setting 4) look at web.xml for rigth setting 5) remember that you must set server name (es. localhost, www.mydomain.it) and not an IP.
6) Look at log file (rise up log to DEBUG) Bye On 29/08/06, Scott Battaglia <[EMAIL PROTECTED]> wrote: > Harry, > > What CN name did you put in the certificate? Also, what hostname do you use > to access the CAS server? The two should match (i.e. both should be > localhost). > > -Scott > > > On 8/29/06, Harry Ng <[EMAIL PROTECTED]> wrote: > > > Dear, > > I'm writing to ask for help on solving the SSL handshake problem. After > looking through many resources and articles, following those steps, I'm > still unable to fix the problem. > > Here is my configuration: > Fedora Core Linux 4 > Tomcat 5.0.28 / 5.5.12 > JAVA 1.5.0_05 > cas-server-3.0.5 > cas-client-java-2.1.1 > > My situation is just similar to most people, which shows the exception for > edu.yale.its.tp.cas.client.CASAuthenticationException : > Unable to validate ProxyTicketValidator > after entering the username and password on the default > SimpleTestUsernamePasswordAuthenticationHandler > > I followed the method of generating my certificate and put into the cacerts > according to this page > http://www.ja-sig.org/products/cas/server/ssl/index.html > > and simply set my CASFilter according to this > > http://www.ja-sig.org/products/cas/client/javaclient/index.html > > Please help to take a look. Thanks a lot. > > Regards, > Harry > > -------------------------------------------------------------------------- > Quote: > Note from the stack trace the bit about SSL handshake problems. You > don't have a valid cert for localhost installed. Consequently, your > CASified tomcat examples are unable to validate the ticket at your CAS > server instance over SSL. > > This is a very common problem among relative newcomers to CAS. > > Our online documentation that's evolved into a Wiki page continues to > improve thanks to excellent feedback on and off this list. I hope both > that this documentation will help you resolve your problem and that once > your problem is resolved you'll be able to take a moment to review this > documentation and provide feedback about how we can make it better, > easier to find, more correct, etc. > > http://jasigch.princeton.edu:9000/display/CAS/Solving+SSL+issues > > Notice especially the links to threads from the email archives on this > topic. > > > While this page is about CASifying uPortal, its content about installing > self-signed certs is on-topic: > > http://jasigch.princeton.edu:9000/display/CAS/Legacy+uPortal+client > > > If after reviewing some of the available documentation online you're > still not able to get CAS working for the JSP examples, please do write > back on this list. > > Best wishes, > > Andrew > > -------------------------------------------------------------------------- > My Weblog - http://wpmu.planner4u.org/ > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
