HLD SSL decryption and CAS
Scott Battaglia
scott.battaglia at gmail.com
Thu May 22 09:48:08 EDT 2008
We run CAS behind a CSS with an SSL accelerator. We've experienced no issues
(I'm not sure how exactly that compares to your configuration as I'm not
familiar with the hardware). We configured our Apache front-end to report
to the Tomcat server that the connection was over http (even though from the
CSS to our CAS server it is only http).
-Scott
On Thu, May 22, 2008 at 2:42 AM, Liam Dixon <Liam.Dixon at standards.org.au>
wrote:
> Hi All,
> We attempting to implement CAS into our production environment.
> We are utilising Cisco's ACE for hardware based load balancing, we are also
> processing the SSL certificates for both CAS and our application on the load
> balancer.
>
> The CAS server is a single node (no actual load balancing just utilising
> the decryption and network protection)
> Unfortunatly I've only ever deployed CAS in a single server with a self
> issued SSL without issue.
>
> I was wondering if any issues existed with handling the SSL certificate on
> the HLD and presenting the application as HTTPS to users but serving it as
> HTTP behind the HLD. We are experiencing some issues (although no actual
> warning/errors in the wrapper logs) upon successful validation against our
> LDAP server when redirecting back to the service url.
>
> Any help and information would be greatly appreciated.
>
> Regards,
> *Liam Dixon
> *
>
> ______________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email
> ______________________________________________________________________
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080522/332b2dd2/attachment.html
More information about the cas
mailing list