Srikar- How did you obtain server.crt? Did you export it using keytool using "-exportcert" ? Did you export it in PEM format?
I think using "-rfc" with the "-exportcert" parameter exports in PEM format. Otherwise, I think it uses one of the PKCS formats (#7 or #12, maybe?). HTH, -Matt On Thu, 2008-01-10 at 10:41 -0500, Srikar Kummamuri wrote: > Scott, > > I tried to place the exact file in the path of CASCertificatePath. Now > I gaeve the crt file directly in the path. > > > > CASCookiePath C:/ssl/ > > CASCertificatePath C:/ssl/cas_sslcrt/server.crt > > CASValidateServer on > > > > And the error is, > > > > [Thu Jan 10 10:37:05 2008] [error] [client 10.6.2.145] MOD_AUTH_CAS: > Could not load CA certificate file: C:/ssl/cas_sslcrt/server.crt > > [Thu Jan 10 10:37:05 2008] [error] [client 10.6.2.145] MOD_AUTH_CAS: > Could not create an SSL connection to alx-dev-wrk04.wwre.org > > > > > > ..Srikar > > > ______________________________________________________________________ > From: Srikar Kummamuri > Sent: Thursday, January 10, 2008 10:05 AM > To: '[email protected]' > Subject: RE: mod_auth_cas-1.0.6 released > > > > > Matt, > > I change the httpd.conf and problem still continues. Let me tell you > what I did exactly. On the Apache (Mod_auth_cas) machine, I generated > a CRT file with the keytool (given the CAS Server name in the first , > last names argument of Keytool) same way that I did on the cas > server. Now as you noted, I modified the httpd.conf file in both way > with relative path and absolute path. > > > > CASCertificatePath C:\ssl\cas_sslcrt (In this directory crt file > and .keystore were there) > > > > But the problem continues. My doubt is, Is this method (Generating the > crt file with Keytool) is good for the apacge (Mod_auth_Cas) ???? Or > do I need to look into certificate generation methods of OpenSsl?? > > > > Any documents/links/help?? > > > > Thanks a lot. > > Srikar. > > > > > > > ______________________________________________________________________ > From: Srikar Kummamuri > Sent: Wednesday, January 09, 2008 5:32 PM > To: '[email protected]' > Subject: RE: mod_auth_cas-1.0.6 released > > > > > When the request comes back to Apache from the CAS server with the > ticket (using mod_auth_cas), apache is throwing error. > > > > “Could not perform SSL handshake with alx-dev-wrk04.wwre.org (check > CASCertificatePath)” > > > > In my config, httpd.conf calls the ssl.conf and the ssl.conf has the > following line. > > > > SSLCertificateFile conf/sslcrt/server.crt > > > > Now the serer.crt is the file generated for the CAS Server by the key > tool (with the cas server machine name). > > > > What am I doing wrong here? Do I need to import this crt into > something else? Or can same body give me the clue to get this > certificate into JVM on the apache server having mod_auth_cas? I > resolved the same issue on a tomcat server running the CAS client but > on this Apache (MOD_AUTH_CAS) I am not getting the idea of where to > configure the self signed certificate. > > > > Thanks a lot > > Srikar. > > > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas -- Matt Smith [EMAIL PROTECTED] University Information Technology Services (UITS) University of Connecticut PGP Key ID: 0xE9C5244E
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
