hi everyone,
can anybody help me?
first time I am implementing single sign on using CAS and acegi.i did
configuration for acegi and it acts as a client.
i m using CAS 3.31 and JBOSS 4.2.3 GA server.
request is going to CAS server. and is authenticating fine .but while
redirecting i am getting following error . it is as follows
Authentication request failed: *
org.acegisecurity.AuthenticationServiceException*: *
sun.security.validator.ValidatorException*: PKIX path building failed: *
sun.security.provider.certpath.SunCertPathBuilderException*: unable to find
valid certification path to requested target.
i have gone through some forums and found some reasons to this exception
, saying due to some SSL cerificate problems
i tried to fix it,still it is showing error .
these are the following steps i have done it.
%JAVA_HOME%\bin\keytool -delete -alias tomcat -keypass changeit
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
%JAVA_HOME%\bin\keytool -export -alias tomcat -keypass changeit -file
server.crt
%JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit
-keystore %JAVA_HOME%/jre/lib/security/cacerts
after that in server.xml(jboss-4.2.3 GA)
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"-->
<maxThreads="150" scheme="https" secure="true">
clientAuth="false"
keystoreFile=""C:\Documents and Settings\Niranjana.HC\.keystore>
keystorePass="changeit<truststoreFile="C:\JavaCaps6\keystore\cacerts.jks"
truststorePass="changeit"
sslProtocol="TLS" />
here i m having doubt that do we need to use SSL port and truststore and
keystore concept?
and solution to the following error
Authentication request failed: *
org.acegisecurity.AuthenticationServiceException*: *
sun.security.validator.ValidatorException*: PKIX path building failed: *
sun.security.provider.certpath.SunCertPathBuilderException*: unable to find
valid certification path to requested to target
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas