Results 1 to 5 of 5
  1. #1
    pacificz is offline Member
    Join Date
    Jul 2010
    Posts
    2
    Rep Power
    0

    Question CAS certificate issue

    Hi..
    I am facing a problem while configuring CAS with my application in local. The description is as below:

    Presently we have an application ABC which is deployed on a server using Tomcat.This application authenticates using CAS. The production version is running well and we have no issues. But now I have to make some enhancements in the application and deploy it again.

    I have setup the code using eclipse in my PC(WIN XP) and the war file is also ready. As I want to focus on my application only, I tried to reuse the authentication mechanism of CAS of production with my local version of application. I made the necessary changes in web.xml file of my application for CAS. When I run the application in local using http://localhost:8081/dev_abc.. then it successfully redirects to CAS. After entering the ID and password, it should return to my local application war and run the code. But it fails with the exception edu.yale.its.tp.cas.client.CASAuthenticationExcept ion: Unable to validate ProxyTicketValidator and Handshake Exception.

    After this I came to know that I should have my cacerts file in Java, updated with the server certificate. I exported the certificate file of CAS server as .cer file and tried the keytool command to include it in my cacerts. It was done fine as per the steps mentioned in different forums. But still it didnt work. I tried again doing the same but then keytool coomand failed with following display:

    C:\j2sdk1.4.2_05\bin>keytool -import -file cas.domain.com.cer -alias cas_cert -keypass cas_cert -trustcacerts -keystore C:\Program Files\Java\jdk1.5.0\jre\lib\
    security\cacerts
    keytool usage:

    -certreq [-v] [-alias <alias>] [-sigalg <sigalg>]
    [-file <csr_file>] [-keypass <keypass>]
    [-keystore <keystore>] [-storepass <storepass>]
    [-storetype <storetype>] [-provider <provider_class_name>] ...

    -delete [-v] -alias <alias>
    [-keystore <keystore>] [-storepass <storepass>]
    [-storetype <storetype>] [-provider <provider_class_name>] ...

    ---------------- and other keytool options..

    Please help that what exactly needs to be done here and also advice if my approach to use existing CAS of production server is correct or I need to configure CAS too in my local tomcat..

    I shall be highly obliged with any suggestions..

    Regards.. Prashant

  2. #2
    JosAH's Avatar
    JosAH is offline Moderator
    Join Date
    Sep 2008
    Location
    Voorschoten, the Netherlands
    Posts
    13,340
    Blog Entries
    7
    Rep Power
    20

    Default

    Quote Originally Posted by pacificz View Post
    C:\j2sdk1.4.2_05\bin>keytool -import -file cas.domain.com.cer -alias cas_cert -keypass cas_cert -trustcacerts -keystore C:\Program Files\Java\jdk1.5.0\jre\lib\
    security\cacerts
    keytool usage:

    -certreq [-v] [-alias <alias>] [-sigalg <sigalg>]
    [-file <csr_file>] [-keypass <keypass>]
    [-keystore <keystore>] [-storepass <storepass>]
    [-storetype <storetype>] [-provider <provider_class_name>] ...

    -delete [-v] -alias <alias>
    [-keystore <keystore>] [-storepass <storepass>]
    [-storetype <storetype>] [-provider <provider_class_name>] ...

    ---------------- and other keytool options..
    You have to quote the last argument because the directory "Program Files" contains a space character.

    kind regards,

    Jos

  3. #3
    pacificz is offline Member
    Join Date
    Jul 2010
    Posts
    2
    Rep Power
    0

    Default Re: CAS certificate issue

    Dear Jos,

    Thanks for the reply... since i posted this i tried to resolve the keytool command erroe and it was done... the certificate was also added to the cacerts file successfully..

    But still.. the issue is not resolved. As described in my post,I am trying to use the CAS version deployed in server and connecting to my application deployed at local tomcat. Upon hitting the url. http://localhost:8081/appName, it successfully redirects to CAS page.. I then enter my credentials and upon login it should ideally pick the first application page deplyed on localhost. But it throws a ProxyTicketValidator exception..

    I am having no clue as to what did I miss to do.

    Regards..

  4. #4
    JosAH's Avatar
    JosAH is offline Moderator
    Join Date
    Sep 2008
    Location
    Voorschoten, the Netherlands
    Posts
    13,340
    Blog Entries
    7
    Rep Power
    20

    Default

    Quote Originally Posted by pacificz View Post
    But still.. the issue is not resolved. As described in my post,I am trying to use the CAS version deployed in server and connecting to my application deployed at local tomcat. Upon hitting the url. http://localhost:8081/appName, it successfully redirects to CAS page.. I then enter my credentials and upon login it should ideally pick the first application page deplyed on localhost. But it throws a ProxyTicketValidator exception..
    I'm sorry, I can't help you any further; I hardly understand 50% of what you wrote (I know almost nothing about all those certification packages). I wish you all the luck you need; maybe somebody else can help you.

    kind regards,

    Jos

  5. #5
    DarrylBurke's Avatar
    DarrylBurke is offline Member
    Join Date
    Sep 2008
    Location
    Madgaon, Goa, India
    Posts
    11,188
    Rep Power
    19

Similar Threads

  1. PDFBox certificate malformed
    By wanderer2019 in forum Advanced Java
    Replies: 0
    Last Post: 06-09-2010, 10:29 AM
  2. SUN 310-813 certificate
    By koko12 in forum Java Certification
    Replies: 2
    Last Post: 11-24-2009, 05:33 PM
  3. how to create certificate with openssl
    By venkatakrishna.chaithanya in forum New To Java
    Replies: 0
    Last Post: 07-04-2009, 12:07 PM
  4. HTTPS using certificate
    By MCJP in forum Advanced Java
    Replies: 1
    Last Post: 09-25-2008, 01:48 PM
  5. Java certificate
    By Nick15 in forum Java Certification
    Replies: 2
    Last Post: 11-12-2007, 06:02 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •