Prompt user for x509 certificate on hardware token
Scott Battaglia
scott.battaglia at gmail.com
Thu Aug 31 11:16:35 EDT 2006
Mark,
Are there any errors in the log? If not, try turning on debugging, and
seeing if anything appears. I don't know what browser you are using, but if
its IE sometimes they don't display very clear error messages either.
Finally, if your web browser configured to send the certificate?
Thanks
-Scott
On 8/31/06, Mark Stralka <mstralka at gmail.com> wrote:
>
> I got single signon to work for usernames and passwords authenticated
> against our LDAP directory. However, my company uses SafeNet iKey2032
> hardware tokens to store our certificates and we have our own public key
> infrastructure with our own Root CA. Before one can use this token to
> authenticate yourself, you have to enter your passphrase, which unlocks your
> private key, which then proves who you are to the server. I've followed the
> instructions to configure CAS to use the client's x509 certificate, but it
> doesn't prompt me to enter my passphrase, and when I configure Tomcat to
> clientAuth="true", restart, and try to go to the CAS server, I get "page
> cannot be displayed". Does anyone know how to configure CAS to prompt me to
> enter my token passphrase?
>
> Thanks
> Mark
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20060831/9f8e3662/attachment.html
More information about the cas
mailing list