CAS Server requires SSL. Newcomers to deploying secure web applications (and even old hands) sometimes have difficulty configuring the SSL certificates. This page is intended to provide links and help with troubleshooting SSL in the context of deploying an instance of the Central Authentication Service server.
Generating a certificate
I am gussing that you have a certificate that is either not properly generated or is not installed in your jks keystore.
I am assuming you are using 1.4.x, otherwise you'd have to install JSSE separately.
To generate the certificate you could do this (substitute argument values as it suits your system).
| No Format |
|---|
%JAVA_HOME%\bin\keytool -delete -alias tomcat -keypass changeit
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
%JAVA_HOME%\bin\keytool -export -alias tomcat -keypass changeit -file
%FILE_NAME%
%JAVA_HOME%\bin\keytool -import -file server.crt -keypass changeit
-keystore %JAVA_HOME%/jre/lib/security/cacerts
%JAVA_HOME%\bin\keytool -import -file server.crt -keystore
%JAVA_HOME%\jre\lib\security\cacert
|
World-readability
K.C. Baltz reminded the List that the public cert files must be world-readable, as noted in the README.
Some good threads
...