Do you have any proxy in between? Because I'm not sure at the moment that it is SSL issuer. I've installed CAS server on 2 PCs, one is behind a firewall (with opened HTTP and SSL ports) and the second - in intranet. On the third PC is client application. I've imported there (to $JAVA_HOME/JRE/lib/security/cacerts) both certificates from both servers, but it works only with a CAS server in intranet, otherwise I get the same error message (connection refused) upon ticket validation. (see previouse message in queue). Ciao
-----Original Message----- From: "Dmitry Kochelaev" <[EMAIL PROTECTED]> To: "Yale CAS mailing list" <[email protected]> Date: Wed, 28 Nov 2007 13:45:35 +0300 Subject: SSL Issue again > > Dear all, > > I'm trying to use CAS together with Liferay. I have setup it on my > local machine (to setup SSL I've created a certificate for localhost) > and it works fine. Now I'm trying to setup it on test server > (test.evelopers.com). So I've created a certificate for host > test.evelopers.com, but while verifying the ticket it fails with > following exception. What can the problem be in? > > 2007-11-28 13:36:43,925 INFO [STDOUT] 13:36:43,925 ERROR [CASReceipt] > edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to > validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://test.evelopers.com/cas-web/proxyValidate] > ticket=[ST-2-Vt4bNAfm6vsULHrwyakpaRZ4vplFOr4BdiU-20] > service=[http%3A%2F%2Ftest.evelopers.com%2Fc%2Fportal%2Flogin] > renew=false]]] > 2007-11-28 13:36:43,926 INFO [STDOUT] 13:36:43,926 ERROR [CASFilter] > edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to > validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://test.evelopers.com/cas-web/proxyValidate] > ticket=[ST-2-Vt4bNAfm6vsULHrwyakpaRZ4vplFOr4BdiU-20] > service=[http%3A%2F%2Ftest.evelopers.com%2Fc%2Fportal%2Flogin] > renew=false]]] > 2007-11-28 13:36:43,930 INFO [STDOUT] 13:36:43,928 ERROR [CASFilter] > javax.servlet.ServletException: > edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to > validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://nxp.evelopers.com/cas-web/proxyValidate] > ticket=[ST-2-Vt4bNAfm6vsULHrwyakpaRZ4vplFOr4BdiU-20] > service=[http%3A%2F%2Ftest.evelopers.com%2Fc%2Fportal%2Flogin] > renew=false]]] > javax.servlet.ServletException: > edu.yale.its.tp.cas.client.CASAuthenticationException: Unable to > validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://test.evelopers.com/cas-web/proxyValidate] > ticket=[ST-2-Vt4bNAfm6vsULHrwyakpaRZ4vplFOr4BdiU-20] > service=[http%3A%2F%2Ftest.evelopers.com%2Fc%2Fportal%2Flogin] > renew=false]]] > at > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:381) > at > com.liferay.portal.servlet.filters.sso.cas.CASFilter.doFilter(CASFilter.java:93) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > .... > Caused by: edu.yale.its.tp.cas.client.CASAuthenticationException: > Unable to validate ProxyTicketValidator > [[edu.yale.its.tp.cas.client.ProxyTicketValidator proxyList=[null] > [edu.yale.its.tp.cas.client.ServiceTicketValidator > casValidateUrl=[https://test.evelopers.com/cas-web/proxyValidate] > ticket=[ST-2-Vt4bNAfm6vsULHrwyakpaRZ4vplFOr4BdiU-20] > service=[http%3A%2F%2Ftest.evelopers.com%2Fc%2Fportal%2Flogin] > renew=false]]] > at edu.yale.its.tp.cas.client.CASReceipt.getReceipt(CASReceipt.java:52) > at > edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilter.java:455) > at > edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:378) > ... 26 more > Caused by: java.net.ConnectException: Connection refused > at java.net.PlainSocketImpl.socketConnect(Native Method) > at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333) > .... > > > -- > Best Regards, > Dmitry Kochelaev > Technical Leader, eVelopers corp. > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
