CAS with Apache mod_proxy and Tomcat
Yitzchak Schaffer
yitzchas at touro.edu
Tue Dec 16 12:56:46 EST 2008
Hello all:
Trying to get CAS working with Apache proxying to Tomcat via AJP. I did
the demo [1] successfully with Tomcat standing alone, but I don't
understand Tomcat+CAS well enough to know how to get my self-signed dev
(cas.jim.com) setup going. When I browse
https://cas.jim.com/cas/services/ for example, I get:
You are not authorized to use this application for the following reason:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target.
This had worked with standalone Tomcat. For Apache, I used:
openssl req -new -x509 -nodes -out cas.crt -keyout cas.key
to create my certificate and key, which are working with Apache alone.
I then did:
sudo keytool -import -file cas.crt -keypass changeit
to get them into keystore.
What did I miss in this relationship?
Thank you!
[1] http://www.ja-sig.org/wiki/display/CASUM/Demo
--
Yitzchak Schaffer
Systems Librarian
Touro College Libraries
33 West 23rd Street
New York, NY 10010
Tel (212) 463-0400 x5230
Fax (212) 627-3197
yitzchas at touro.edu
More information about the cas
mailing list