Hello,

I have the following tools/systems set up:

1) CAS 3.0.5 integrated with LDAP
2) Atlassian Confluence 2.3.3
3) Atlassian Jira Enterprise 3.7.4

I am trying to implement Single-Sign-On via the CAS server.

I am able to go to the Confluence or Jira URL and then get redirected to
CAS. I input a valid username/password and then get the "Unable to
validate ProxyTicketValidator" error. Let's not go deep into that
because I believe the problem I am having is generating valid Tomcat
security certificates.

I generate the certificate following these steps:

1) /usr/lib/java/bin/keytool -delete -alias tomcat -keypass changeit

2) /usr/lib/java/bin/keytool -genkey -alias tomcat -keypass changeit -keyalg RSA -validity 365
Enter keystore password:  changeit
What is your first and last name?
  [Unknown]:  idmanager.intranet.behringer
What is the name of your organizational unit?
  [Unknown]:  idmanager.intranet.behringer
What is the name of your organization?
  [Unknown]:  idmanager.intranet.behringer
What is the name of your City or Locality?
  [Unknown]:  City
What is the name of your State or Province?
  [Unknown]:  Manila
What is the two-letter country code for this unit?
  [Unknown]:  PH

3) /usr/lib/java/bin/keytool -export -alias tomcat -keypass changeit -file server.crt

4) /usr/lib/java/bin/keytool -import -file server.crt -keypass changeit -keystore /usr/lib/java/jre/lib/security/cacerts

I set up the tomcat SSL config (server.xml) like this (I added:
"keystoreFile" attribute):

    <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
    <Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               keystoreFile="/usr/lib/java/jre/lib/security/cacerts"
               clientAuth="false" sslProtocol="TLS" />

When I start tomcat, I get this error:

Apr 27, 2007 5:59:58 PM org.apache.tomcat.util.net.PoolTcpEndpoint acceptSocket
SEVERE: Endpoint [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=8443]] ignored exception: java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
        at org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:114)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.java:408)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:71)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
        at java.lang.Thread.run(Thread.java:595)

Did anyone find this problem? Any comments? Are my certificate
generation steps wrong?

Thank you so much!

Kind Regards,

RODRIGUEZ, Unai
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
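
A check that fits the steps in the message above, as an added example that is not part of the original post: step 2 names no -keystore, so keytool writes the key pair to its default keystore ($HOME/.keystore), while the Connector's keystoreFile points at cacerts, where step 4 imported only the exported certificate. The script reports which aliases in a `keytool -list` listing hold a private key; the function names are hypothetical and both listings are constructed samples.

```shell
#!/bin/sh
# Added example, not from the original message.
# key_aliases: reads `keytool -list` output on stdin and prints the aliases
# that hold a private key. The file named by the Connector's keystoreFile
# needs at least one; a trustedCertEntry carries only a certificate.
# Real use (keystore path and password are yours):
#   keytool -list -keystore "$KEYSTORE" -storepass "$PASS" | key_aliases
key_aliases() {
    # Entry lines read "alias, date, TYPE," where TYPE is keyEntry (older
    # JDKs) or PrivateKeyEntry (newer JDKs) for a key pair.
    awk -F', *' '/, *(keyEntry|PrivateKeyEntry),? *$/ { print $1 }'
}

# Succeeds only if the listing on stdin has at least one private key entry.
has_private_key() {
    [ -n "$(key_aliases)" ]
}

# Constructed listing: keytool's default keystore ($HOME/.keystore) after a
# -genkey run that names no -keystore.
DEFAULT_KS_LISTING='Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry

tomcat, Apr 27, 2007, keyEntry,
Certificate fingerprint (MD5): (constructed sample)'

# Constructed listing: a truststore after -import without -alias, which
# stores the certificate under the default alias "mykey".
CACERTS_LISTING='Keystore type: jks
Keystore provider: SUN

Your keystore contains 2 entries

mykey, Apr 27, 2007, trustedCertEntry,
Certificate fingerprint (MD5): (constructed sample)
exampleca, Jan 1, 2004, trustedCertEntry,
Certificate fingerprint (MD5): (constructed sample)'

for name in DEFAULT_KS_LISTING CACERTS_LISTING; do
    eval "listing=\$$name"
    if printf '%s\n' "$listing" | has_private_key; then
        echo "$name: private key present, usable as keystoreFile"
    else
        echo "$name: certificates only, no key for the SSL connector"
    fi
done
```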
