Does a CA has any role in CAS architecture?
Mehdi Sarmadi
msarmadi at gmail.com
Tue Nov 18 05:44:43 EST 2008
Thanks Michael Ströder.
I meant about using certificates instead of token/tickets. For
example, I think Microsoft Active Directory uses such things in
combination with Kerberos.
How about this scenario? Does CAS support/do such things?
On Tue, Nov 18, 2008 at 1:57 PM, Michael Ströder <michael at stroeder.com> wrote:
>
> Mehdi Sarmadi wrote:
> > I'm wondering if a Certificate Authority Server has a role in CAS or
> > other SSO solutions architecture?
>
> Normally a CA signs the server certs needed for deploying HTTP over SSL.
>
> > Is it essential or best practice to have Certificate Authority Service
> > inside the architecture or better and enough just to have SSO and SSL
> > certificates signed by public providers like Verisign?
>
> Your SSL server certs can be signed by any CA. But the root CA's cert
> has to be installed as trust anchor in each CAS-ified application (CAS
> client) and the web browsers of the end users.
>
> Ciao, Michael.
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
--
Mehdi Sarmadi
More information about the cas
mailing list