cryptography errors in cas saml idp setup

29 views
Skip to first unread message

cheekian yap

unread,
Dec 22, 2020, 11:10:14 AM12/22/20
to CAS Community
Hi,

cas version 6.2.6

running keytool -v -list -keystore thekeystore shows:

Your keystore contains 1 entry

Alias name: cas
Creation date: Dec 22, 2020
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=cassaml.ddns.net, OU=Example, OU=Org, C=US
Issuer: CN=cassaml.ddns.net, OU=Example, OU=Org, C=US
Serial number: 2c2add22
Valid from: Tue Dec 22 12:21:44 UTC 2020 until: Mon Mar 22 12:21:44 UTC 2021
Certificate fingerprints:
SHA1: AD:EF:45:19:AA:C5:B5:C0:F2:29:BD:44:4C:D8:02:BF:AC:C9:09:0C
SHA256: 1C:4A:3C:C2:0F:0C:F4:50:D0:69:7F:9F:3B:C1:D1:87:A3:51:8C:27:3B:76:39:5E:98:E9:A0:20:2F:46:A8:7A
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3

I added the certificate using ./gradlew createKeystore command but still get the errors:

<SSL error getting response from host: cassaml.ddns.net : Error Message: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target>

any idea how to debug this?


cheekian yap

unread,
Dec 22, 2020, 11:20:39 AM12/22/20
to CAS Community, cheekian yap
keytool -import \
  -keystore $JAVA_HOME/lib/security/cacerts \
  -trustcacerts \
  -file /etc/cas/cas.cer \
  -alias CAScert

running this command solve the problem.

cheekian yap 在 2020年12月23日 星期三上午12:10:14 [UTC+8] 的信中寫道:
Reply all
Reply to author
Forward
0 new messages