Yup, that was defintely the problem. I didn't realize that the client needed to have that imported. Thanks.
On 12/18/06, Scott Battaglia <[EMAIL PROTECTED]> wrote:
Your certificate may not be in your JVM's cacerts file. Check out http://www.ja-sig.org/products/cas/server/ssl/index.html -Scott On 12/15/06, Vinny <[EMAIL PROTECTED]> wrote: > When I hit my protected webapp , I am properly redirected to the the > cas server , I login sucessfully (I think) > then get redirected back to my original page (service url?) and get the > following exception: > > javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated > at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(SSLSessionImpl.java:394) > at org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname > > (StrictSSLProtocolSocketFactory.java:280) > at org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket(StrictSSLProtocolSocketFactory.java:223) > at org.apache.commons.httpclient.HttpConnection.open > > (HttpConnection.java:706) > at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1321) > at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry > > (HttpMethodDirector.java:386) > at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170) > at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396) > at > org.apache.commons.httpclient.HttpClient.executeMethod > (HttpClient.java:324) > at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.getResponseFromURL(AbstractUrlBasedTicketValidator.java:76) > at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate > > (AbstractUrlBasedTicketValidator.java:46) > at org.jasig.cas.client.web.filter.TicketValidationFilter.doFilterInternal(TicketValidationFilter.java:91) > at org.jasig.cas.client.web.filter.AbstractCasFilter.doFilter > (AbstractCasFilter.java > :100) > > > now I am using a self-signed certificate with under the CN of localhost. > Does httpclient have a problem with those? > > > > -- > Ghetto Java: http://www.ghettojava.com > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- Ghetto Java: http://www.ghettojava.com
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
