javax.servlet.ServletException: sun.security.validator.ValidatorException: No trusted certificate found
Scott Battaglia
scott_battaglia at rutgers.edu
Fri Aug 11 09:07:18 EDT 2006
Take a look at:
http://www.ja-sig.org/products/cas/server/ssl/index.html
It looks like your client application's JVM doesn't trust your CAS
server's certificate and it needs to be added to the JVM's cacerts file.
-Scott
Noel Sebastien (BIL) wrote:
> I am newbie to CAS. I am using CAS 3 on Tomcat 5 under Eclipse
> (MyEclipse) with Java sdk 1.4.2_02.
> It works fine until I type the password to the CAS login page, then it
> redirect to the service caller (https:...) and display the following
> error :
>
> javax.servlet.ServletException:
> sun.security.validator.ValidatorException: No trusted certificate found
>
> edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilt
> er.java:254)
>
> edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184)
> root cause
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: No trusted certificate found
> com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA6275)
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
> com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
> com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
> com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
>
> com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
> sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
>
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Da
> shoA6275)
>
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnec
> tion.java:617)
>
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA6
> 275)
> edu.yale.its.tp.cas.util.SecureURL.retrieve(SecureURL.java:70)
>
> edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(ServiceTicket
> Validator.java:212)
>
> edu.yale.its.tp.cas.client.filter.CASFilter.getAuthenticatedUser(CASFilt
> er.java:219)
>
> edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:184)
> note The full stack trace of the root cause is available in the Apache
> Tomcat/5.0.28 logs.
>
>
> Searching the archive I am reviving an old thread ending having the SAME
> explanation but with no solution
> (http://tp.its.yale.edu/pipermail/cas/2005-May/001241.html ) besides
> this thread says a possible way is to look at the link
> http://jasigch.princeton.edu:9000/display/CAS/Solving+SSL+issues
> But this is a broken link.. Has anyone the solution please ?
> I am not sure to understand what is wrong. SSL in the web browser ? SSL
> certificate in Tomcat ? Other ?
>
> Thank you in advance,
>
>
> ---------------------
> An electronic message is not binding on its sender.
> Any message referring to a binding engagement must be confirmed in writing and duly signed.
> ---------------------
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
More information about the cas
mailing list