Hello all: Trying to get CAS working with Apache proxying to Tomcat via AJP. I did the demo [1] successfully with Tomcat standing alone, but I don't understand Tomcat+CAS well enough to know how to get my self-signed dev (cas.jim.com) setup going. When I browse https://cas.jim.com/cas/services/ for example, I get:
You are not authorized to use this application for the following reason: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. This had worked with standalone Tomcat. For Apache, I used: openssl req -new -x509 -nodes -out cas.crt -keyout cas.key to create my certificate and key, which are working with Apache alone. I then did: sudo keytool -import -file cas.crt -keypass changeit to get them into keystore. What did I miss in this relationship? Thank you! [1] http://www.ja-sig.org/wiki/display/CASUM/Demo -- Yitzchak Schaffer Systems Librarian Touro College Libraries 33 West 23rd Street New York, NY 10010 Tel (212) 463-0400 x5230 Fax (212) 627-3197 [email protected] _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
