Yales' CAS client attempts to verify the service ticket it received from CAS, and when it tries to connect to the CAS server, it encounters SSL handshake error caused by using a self-signed SSL certificate on the CAS server. The Java process running tomcat does not trust the certificate presented by the CAS server. This is part of Java security.
A work around the issue would be to tell Java to trust the self-signed certificate as below:
# keytool -importcert -trustcacerts -alias {cert_alias_name} -file \
&nbs p; /path/to/self-signed.cer -keypass changeit -keystore \
&nbs p; /usr/local/java/jre/lib/securi ty/cacerts
Use the below command to list:
$ keytool -list -keystore /usr/local/java/jre/lib/securi ty/cacerts | grep -A 1 {cert_alias_name}
- sandip's blog
- Login or register to post comments