Chris, Which certificate are you refering to?
In my case sampleCasClient.pl(running on apache) and CAS server running on two seperate machines. I thought certifcate from the cas machine needs to be imported to the openssl certificate store (basically append the /x/x/x/x/ca-bundle.crt). This is to make sure the trust relationship. Unfortunate the certificate from cas is generated using java keytool. Am I doing doing something fundamentally wrong. the first couple of lines in my sampleCasClient.pl looks as follows #!/usr/bin/perl use warnings; use strict; use AuthCAS; my $cas = new AuthCAS(casUrl => 'https://test_cas_server:8443/cas', CAFile => '/etc/pki/tls/certs/ca-bundle.crt', ); my $app_url = 'http://localhost/sampleCasClient.pl'; ...... .... I followed the steps and executed the script, in apache logs it shows the following [Thu Jan 04 16:08:28 2007] [error] [client 127.0.0.1] Error: error IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0) unable to connect https://test_cas_server:8443/ [Thu Jan 04 16:08:28 2007] [error] [client 127.0.0.1] [Thu Jan 04 16:08:28 2007] [error] [client 127.0.0.1] Use of uninitialized value in printf at /var/www/html/sampleCasClient.pl line 28. Chris-343 wrote: > > There is no need for that .... all what you need to do is tell Perl where > to look for the crt. > > Example from: http://www.ust.hk/itsc/cas/sampleCasClient.pl > > my $cas = new AuthCAS(casUrl => 'https://yourhost:8443/cas', > CAFile => '/xxx_somepath_xxx/your.crt', > ); > > If you have a Java kestore file you can create a crt file with the > keytool. > > >> [Original Message] >> From: Tracy12 <[EMAIL PROTECTED]> >> To: <[email protected]> >> Date: 1/4/2007 12:32:38 AM >> Subject: RE: Auth CAS (perl) confusion >> >> >> Yes I understand, >> >> I just wanted to know how can I import a certificate created using java >> keytool(CAS server certificate) to the apache key store (using open ssl), >> basically the issue is they got two different formats, >> >> >> Which tool used to create the HKUST? >> >> >> Chris-343 wrote: >> > >> > The link I sent you includes http://sourcesup.cru.fr/perlcas/. >> > >> > It also includes sample code in Perl for a CAS client. >> > >> > The HKUST CA is just an example. Use your own ( it shows how to do that > in >> > http://www.ust.hk/itsc/cas/sampleCasClient.pl) >> > >> > >> > >> >> [Original Message] >> >> From: Tracy12 <[EMAIL PROTECTED]> >> >> To: <[email protected]> >> >> Date: 1/3/2007 6:09:28 AM >> >> Subject: RE: Auth CAS (perl) confusion >> >> >> >> >> >> >> >> I believe I have to follow the item no 1 which is >> >> >> >> CAS Perl Library (http://sourcesup.cru.fr/perlcas/) >> >> >> >> This is one of the urls I posted earlier, >> >> >> >> Thanks, but I got following questions >> >> >> >> 1) Development we have certificate generate using java keytool for CAS >> >> serve) (Currentlly development CAS server is running on tomcat). >> >> >> >> 2) How can I have this certificate and put it under apache 2.x, where >> >> perl >> >> code is running. So that the handshake between this machine and CAS > works >> >> fine. Basically how can I update openssl certificate store, >> >> >> >> Let me know how to setup this SSL thing, as currently I have to use > OPEN >> > SSL >> >> for certificates generated by keytool >> >> >> >> >> >> In addition, in the url u sent what is the use of Sample HKUST Root CA >> >> certificate file how can I set up a one for me. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> Chris-343 wrote: >> >> > >> >> > No more Perl confusion .. I just CASified my Perl application and it >> > works >> >> > like a champ ! >> >> > >> >> > Look at this link : http://www.ust.hk/itsc/cas/clientlib.html >> >> > >> >> > Chris >> >> > >> >> > >> >> >> [Original Message] >> >> >> From: Tracy12 <[EMAIL PROTECTED]> >> >> >> To: <[email protected]> >> >> >> Date: 1/3/2007 2:05:52 AM >> >> >> Subject: Auth CAS (perl) confusion >> >> >> >> >> >> >> >> >> Hi, >> >> >> >> >> >> I find similar functionalities in following urls >> >> >> >> >> >> >> >> >> http://search.cpan.org/~dcastro/Apache-AuthCAS-0.4/ >> >> >> >> >> >> http://sourcesup.cru.fr/perlcas/ >> >> >> >> >> >> my intention is to write a perl client that would execute >> >> >> cas/serviceValidate and get the xml >> >> >> and check for one of the attributes in the xml. >> >> >> >> >> >> I do not want to use proxy tickets at the moment. >> >> >> >> >> >> >> >> >> basically user enters credentials on CAS login page and should >> >> redirect >> >> >> to >> >> >> some other application via this perl script. >> >> >> >> >> >> Well ... can someone let us know which source should we use. (which >> >> url >> >> >> should I refer ) >> >> >> >> >> >> If there any other documentation pls let us know. >> >> >> >> >> >> Thanks, >> >> >> >> >> >> >> >> >> >> >> >> -- >> >> >> View this message in context: >> >> > >> > > http://www.nabble.com/Auth-CAS--%28perl%29-confusion-tf2910908.html#a8133264 >> >> >> Sent from the CAS Users mailing list archive at Nabble.com. >> >> >> >> >> >> _______________________________________________ >> >> >> Yale CAS mailing list >> >> >> [email protected] >> >> >> http://tp.its.yale.edu/mailman/listinfo/cas >> >> > >> >> > >> >> > _______________________________________________ >> >> > Yale CAS mailing list >> >> > [email protected] >> >> > http://tp.its.yale.edu/mailman/listinfo/cas >> >> > >> >> > >> >> >> >> -- >> >> View this message in context: >> > > http://www.nabble.com/Auth-CAS--%28perl%29-confusion-tf2910908.html#a8135603 >> >> Sent from the CAS Users mailing list archive at Nabble.com. >> >> >> >> _______________________________________________ >> >> Yale CAS mailing list >> >> [email protected] >> >> http://tp.its.yale.edu/mailman/listinfo/cas >> > >> > >> > _______________________________________________ >> > Yale CAS mailing list >> > [email protected] >> > http://tp.its.yale.edu/mailman/listinfo/cas >> > >> > >> >> -- >> View this message in context: > http://www.nabble.com/Auth-CAS--%28perl%29-confusion-tf2910908.html#a8150045 >> Sent from the CAS Users mailing list archive at Nabble.com. >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- View this message in context: http://www.nabble.com/Auth-CAS--%28perl%29-confusion-tf2910908.html#a8154299 Sent from the CAS Users mailing list archive at Nabble.com. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
