...
Starting with the Case mod_cas distribution as a base ~ceharris wrote a modification to support the XML objects returned by CAS 2 and up. It was also modified to support a chain of trusted CA certificates, rather than a single certificate. The attached mod_cas-VATECH.tar.gz can be used with the instructions posted on the Case wiki to produce the improved mod_cas. The CASTrustedCerts directive can now point to a file containing a trusted CA cert chain.
For a documented sample Apache configuration file, Andrew Feller has provided a base for new and experienced deployers to use; see the mod_cas-VATECH.conf attachment.
TODO: The ssl_verify.c module in mod_cas is rather monolithic and inelegant. It could really stand to be significantly refactored.
TODO: OpenSSL has options for getting the trusted CA cert chain as a single file or as a directory. The directory option is not currently implemented in mod_cas-VATECH, but should be added.
...