Unicon Bootiful CAS client SSL config

[Baron Fujimoto]

I'm trying to get the Unicon Bootiful CAS client[1] working. It's README discusses SSL configuration with parameters for key-store and key-store-password. I'm more familiar with working with PEM format certificates for our Tomcat deployments. I don't suppose  there's a way to get this client to use those instead?

The README notes, "you also might need to do the self-cert generation/importing dance into the JVM's trustore for this CAS client/server SSL handshake to work properly". However I apparently don't know the dance steps because when I try to import my self-signed PEM certs into a JKS using keytool, and build/start the client with "./gradlew clean bootRun", it fails with the exception:

org.apache.catalina.LifecycleException: Failed to start component [Connector[HTTP/1.1-8443]]

…

Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed

…

Caused by: java.lang.IllegalArgumentException: Alias name [null] does not identify a key entry

…

Caused by: java.io.IOException: Alias name [null] does not identify a key entry

And I'm afraid my Google-fu is failing to provide a solution for this. This is what I used to create the configured keystore:

keytool -import -alias localhost -keystore localhost.jks -file localhost-self-signed.pem

Can this client be built with a war file as the target that can be deployed with an existing servlet container?

[1] <https://github.com/UniconLabs/bootiful-cas-client>

--

Baron Fujimoto <ba...@hawaii.edu> :: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum