hello, shall I add the certificate to server.xml on tomcat server or just on Webserver
On Thu, Sep 27, 2018 at 5:50 PM, Loai Abdallatif <loai.abdalla...@gmail.com> wrote: > Hello, > > I have Set Apache Load Balancer ( ModJK) with Server IP 192.168.1.120 > (Webserver01.epsilon.test) which forward the traffic to tomcat server > .(192.168.1.111 (appserver01.epsilon.test) > > each tomcat server has three workers ( 0,1,2) > > I deployed *Central Authentication Service* (CAS) on Worker0 and its > is working with warning related to ssl Certificate, I have another > Application on this worker0 called ServiceCatalog unfortunatly it didnt > work and gave error as below > > > > > > > ERROR org.jasig.cas.client.util.CommonUtils - > sun.security.validator.ValidatorException: > PKIX path building failed > > : > sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested > > target > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: > PKIX path building failed: sun.sec > > > urity.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) > at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322) > at sun.security.ssl.ClientHandshaker.serverCertificate( > ClientHandshaker.java:1614) > at sun.security.ssl.ClientHandshaker.processMessage( > ClientHandshaker.java:216) > at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) > at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) > at sun.security.ssl.SSLSocketImpl.readRecord( > SSLSocketImpl.java:1072) > at sun.security.ssl.SSLSocketImpl.performInitialHandshake( > SSLSocketImpl.java:1385) > at sun.security.ssl.SSLSocketImpl.startHandshake( > SSLSocketImpl.java:1413) > at sun.security.ssl.SSLSocketImpl.startHandshake( > SSLSocketImpl.java:1397) > at sun.net.www.protocol.https.HttpsClient.afterConnect( > HttpsClient.java:559) > at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnec > tion.connect(AbstractDelegateHttpsURLConnectio > > n.java:185) > at sun.net.www.protocol.http.HttpURLConnection.getInputStream0( > HttpURLConnection.java:1564) > at sun.net.www.protocol.http.HttpURLConnection.getInputStream( > HttpURLConnection.java:1492) > at sun.net.www.protocol.https.HttpsURLConnectionImpl. > getInputStream(HttpsURLConnectionImpl.java:263) > at org.jasig.cas.client.util.CommonUtils.getResponseFromServer( > CommonUtils.java:429) > at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTic > ketValidator.retrieveResponseFromServer(A > > bstractCasProtocolUrlBasedTicketValidator.java:41) > at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidato > r.validate(AbstractUrlBasedTicketValidato > > r.java:193) > at org.springframework.security.cas.authentication. > CasAuthenticationProvider.authenticateNow(CasAuthentica > > > tionProvider.java:157) > at org.springframework.security.cas.authentication. > CasAuthenticationProvider.authenticate(CasAuthenticatio > > > nProvider.java:142) > >