subject:"Re\: \[cas\-user\] CAS Client Location \(PKIX path building failed\)"

Re: [cas-user] CAS Client Location (PKIX path building failed)

2018-02-20 Thread Kevin Liu

I have a keystore in /opt/tomcat/keystore that tomcat uses for SSL. I have 
another keystore in /etc/cas/thekeystore that cas uses. There is also 
another keystore in /usr/java/jre/lib/security/cacerts that I've imported 
certs into too. They are all using the same certs as I created a cert in 
one and imported it to the others.

On Tuesday, February 20, 2018 at 2:34:30 PM UTC-6, Kevin Liu wrote:
>
> Ray,
>
> I am trying to access /cas/status/dashboard from the tomcat server that's 
> deploying the cas.war.
>
> Kevin
> On Tuesday, February 20, 2018 at 2:21:12 PM UTC-6, rbon wrote:
>>
>> Kevin,
>>
>> Are you accessing /cas/login or do you have a another application that is 
>> configured to use CAS?
>> If a different application, is it running in the same tomcat as CAS or 
>> perhaps even on a different computer?
>>
>> Perhaps tomcat needs to have the certificate path in the https section of 
>> conf/server.xml.
>>
>> Ray
>>
>> On Tue, 2018-02-20 at 11:43 -0800, Kevin Liu wrote:
>>
>> I did do that but I'm still getting the same error it seems. Is there 
>> anything I'd have to restart for the change to take effect?
>>
>> On Tuesday, February 20, 2018 at 11:39:47 AM UTC-6, rbon wrote: 
>>
>> Kevin,
>>
>> If you are using a self signed cert, it must be added into the java 
>> environment. Something like:
>>
>> install self signed certificates in java certificate store (must be done 
>> for every java upgrade)
>> sudo keytool -import -file /etc/ssl/certs/name_of.crt -alias name_of 
>> -keystore $JAVA_HOME/jre/lib/security/cacerts
>>
>> Ray
>>
>> On Tue, 2018-02-20 at 07:59 -0800, Kevin Liu wrote:
>>
>> I'm running into a PKIX path building failed and in the documentation it 
>> lists this: "The problem here is that the CAS *client* does not trust 
>> the certificate presented by the CAS server; most often this occurs because 
>> of using a *self-signed certificate* on the CAS server. " 
>>
>> I'm currently using tomcat to run cas vanila server. What would be the 
>> CAS client in this scenario?
>>
>> -- 
>> Ray Bon
>> Programmer analyst
>> Development Services, University Systems
>> 2507218831 | CLE 019 | rb...@uvic.ca
>>
>>
>> -- 
>> Ray Bon
>> Programmer analyst
>> Development Services, University Systems
>> 2507218831 | CLE 019 | rb...@uvic.ca
>>
>>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/39c46872-5637-4968-b6e4-6f45e254129d%40apereo.org.

Re: [cas-user] CAS Client Location (PKIX path building failed)

2018-02-20 Thread Kevin Liu

Ray,

I am trying to access /cas/status/dashboard from the tomcat server that's 
deploying the cas.war.

Kevin
On Tuesday, February 20, 2018 at 2:21:12 PM UTC-6, rbon wrote:
>
> Kevin,
>
> Are you accessing /cas/login or do you have a another application that is 
> configured to use CAS?
> If a different application, is it running in the same tomcat as CAS or 
> perhaps even on a different computer?
>
> Perhaps tomcat needs to have the certificate path in the https section of 
> conf/server.xml.
>
> Ray
>
> On Tue, 2018-02-20 at 11:43 -0800, Kevin Liu wrote:
>
> I did do that but I'm still getting the same error it seems. Is there 
> anything I'd have to restart for the change to take effect?
>
> On Tuesday, February 20, 2018 at 11:39:47 AM UTC-6, rbon wrote: 
>
> Kevin,
>
> If you are using a self signed cert, it must be added into the java 
> environment. Something like:
>
> install self signed certificates in java certificate store (must be done 
> for every java upgrade)
> sudo keytool -import -file /etc/ssl/certs/name_of.crt -alias name_of 
> -keystore $JAVA_HOME/jre/lib/security/cacerts
>
> Ray
>
> On Tue, 2018-02-20 at 07:59 -0800, Kevin Liu wrote:
>
> I'm running into a PKIX path building failed and in the documentation it 
> lists this: "The problem here is that the CAS *client* does not trust the 
> certificate presented by the CAS server; most often this occurs because of 
> using a *self-signed certificate* on the CAS server. " 
>
> I'm currently using tomcat to run cas vanila server. What would be the CAS 
> client in this scenario?
>
> -- 
> Ray Bon
> Programmer analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | rb...@uvic.ca
>
>
> -- 
> Ray Bon
> Programmer analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | rb...@uvic.ca 
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7f85fb8f-f688-4d2c-a744-a37eede27b41%40apereo.org.

Re: [cas-user] CAS Client Location (PKIX path building failed)

2018-02-20 Thread Ray Bon

Kevin,

Are you accessing /cas/login or do you have a another application that is 
configured to use CAS?
If a different application, is it running in the same tomcat as CAS or perhaps 
even on a different computer?

Perhaps tomcat needs to have the certificate path in the https section of 
conf/server.xml.

Ray

On Tue, 2018-02-20 at 11:43 -0800, Kevin Liu wrote:
I did do that but I'm still getting the same error it seems. Is there anything 
I'd have to restart for the change to take effect?

On Tuesday, February 20, 2018 at 11:39:47 AM UTC-6, rbon wrote:
Kevin,

If you are using a self signed cert, it must be added into the java 
environment. Something like:

install self signed certificates in java certificate store (must be done for 
every java upgrade)
sudo keytool -import -file /etc/ssl/certs/name_of.crt -alias name_of -keystore 
$JAVA_HOME/jre/lib/security/cacerts

Ray

On Tue, 2018-02-20 at 07:59 -0800, Kevin Liu wrote:
I'm running into a PKIX path building failed and in the documentation it lists 
this: "The problem here is that the CAS client does not trust the certificate 
presented by the CAS server; most often this occurs because of using a 
self-signed certificate on the CAS server. "

I'm currently using tomcat to run cas vanila server. What would be the CAS 
client in this scenario?

--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | rb...@uvic.ca


--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1519158064.1765.59.camel%40uvic.ca.

Re: [cas-user] CAS Client Location (PKIX path building failed)

2018-02-20 Thread Kevin Liu

I did do that but I'm still getting the same error it seems. Is there 
anything I'd have to restart for the change to take effect?

On Tuesday, February 20, 2018 at 11:39:47 AM UTC-6, rbon wrote:
>
> Kevin,
>
> If you are using a self signed cert, it must be added into the java 
> environment. Something like:
>
> install self signed certificates in java certificate store (must be done 
> for every java upgrade)
> sudo keytool -import -file /etc/ssl/certs/name_of.crt -alias name_of 
> -keystore $JAVA_HOME/jre/lib/security/cacerts
>
> Ray
>
> On Tue, 2018-02-20 at 07:59 -0800, Kevin Liu wrote:
>
> I'm running into a PKIX path building failed and in the documentation it 
> lists this: "The problem here is that the CAS *client* does not trust the 
> certificate presented by the CAS server; most often this occurs because of 
> using a *self-signed certificate* on the CAS server. " 
>
> I'm currently using tomcat to run cas vanila server. What would be the CAS 
> client in this scenario?
>
> -- 
> Ray Bon
> Programmer analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | rb...@uvic.ca 
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/c496f36a-9ffe-494e-8261-e79e81112a92%40apereo.org.

Re: [cas-user] CAS Client Location (PKIX path building failed)

2018-02-20 Thread Ray Bon

Kevin,

If you are using a self signed cert, it must be added into the java 
environment. Something like:

install self signed certificates in java certificate store (must be done for 
every java upgrade)
sudo keytool -import -file /etc/ssl/certs/name_of.crt -alias name_of -keystore 
$JAVA_HOME/jre/lib/security/cacerts

Ray

On Tue, 2018-02-20 at 07:59 -0800, Kevin Liu wrote:
I'm running into a PKIX path building failed and in the documentation it lists 
this: "The problem here is that the CAS client does not trust the certificate 
presented by the CAS server; most often this occurs because of using a 
self-signed certificate on the CAS server. "

I'm currently using tomcat to run cas vanila server. What would be the CAS 
client in this scenario?

--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | r...@uvic.ca

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1519148379.1765.46.camel%40uvic.ca.

Re: [cas-user] CAS Client Location (PKIX path building failed)

2018-02-20 Thread Kevin Liu

Where is the path specified? I don't remember running into this?

On Tuesday, February 20, 2018 at 10:37:53 AM UTC-6, Manfredo Hopp wrote:
>
> Path to your certificate is not found
>
> El martes, 20 de febrero de 2018, Kevin Liu  > escribió:
>
>> This is the error I keep getting:
>>
>> Error: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: 
>> sun.security.validator.ValidatorException: PKIX path building failed: 
>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
>> valid certification path to requested target
>>
>>
>> On Tuesday, February 20, 2018 at 9:59:04 AM UTC-6, Kevin Liu wrote:
>>>
>>> I'm running into a PKIX path building failed and in the documentation it 
>>> lists this: "The problem here is that the CAS *client* does not trust 
>>> the certificate presented by the CAS server; most often this occurs because 
>>> of using a *self-signed certificate* on the CAS server. "
>>>
>>> I'm currently using tomcat to run cas vanila server. What would be the 
>>> CAS client in this scenario?
>>>
>> -- 
>> - Website: https://apereo.github.io/cas
>> - Gitter Chatroom: https://gitter.im/apereo/cas
>> - List Guidelines: https://goo.gl/1VRrw7
>> - Contributions: https://goo.gl/mh7qDG
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to cas-user+u...@apereo.org .
>> To view this discussion on the web visit 
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/2ae7add2-3240-458b-9f4a-ee8ea012c411%40apereo.org
>>  
>> 
>> .
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f52c2324-2121-4971-b6e0-8a5367a55efb%40apereo.org.

Re: [cas-user] CAS Client Location (PKIX path building failed)

2018-02-20 Thread Man H

Path to your certificate is not found

El martes, 20 de febrero de 2018, Kevin Liu 
escribió:

> This is the error I keep getting:
>
> Error: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: 
> sun.security.validator.ValidatorException: PKIX path building failed: 
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
> valid certification path to requested target
>
>
> On Tuesday, February 20, 2018 at 9:59:04 AM UTC-6, Kevin Liu wrote:
>>
>> I'm running into a PKIX path building failed and in the documentation it
>> lists this: "The problem here is that the CAS *client* does not trust
>> the certificate presented by the CAS server; most often this occurs because
>> of using a *self-signed certificate* on the CAS server. "
>>
>> I'm currently using tomcat to run cas vanila server. What would be the
>> CAS client in this scenario?
>>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/2ae7add2-3240-458b-9f4a-
> ee8ea012c411%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mie2e7pXp4_3Uhs2TtNowXq3e5vE9e%3DXoW-BeNKCEyqx3A%40mail.gmail.com.

Re: [cas-user] CAS Client Location (PKIX path building failed)

Re: [cas-user] CAS Client Location (PKIX path building failed)

Re: [cas-user] CAS Client Location (PKIX path building failed)

Re: [cas-user] CAS Client Location (PKIX path building failed)

Re: [cas-user] CAS Client Location (PKIX path building failed)

Re: [cas-user] CAS Client Location (PKIX path building failed)

Re: [cas-user] CAS Client Location (PKIX path building failed)

7 matches

Site Navigation

Mail list logo

Footer information