search

google-code-export / rubycas-server

Automatically exported from code.google.com/p/rubycas-server
GNU Lesser General Public License v2.1
1 stars 1 forks source link

SSL error in RUBYCAS-SERVER #104

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1.
2.
3.

What is the expected output? What do you see instead?
ON THE CLIENT SIDE :-
javax.servlet.ServletException: The CAS server returned no response.
    org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:155)

On the SERVER SIDE :-
-----------------------------------------
[2010-07-17 15:26:07] INFO  WEBrick::HTTPServer#start: pid=15891 port=8443
10.146.66.21 - - [17/Jul/2010:15:27:26 IST] "GET 
/cas/login?service=http%3A%2F%2F10.146.66.21%3A8084%2FsnCASclient%2F            
                                         HTTP/1.1" 200 2432
- -> /cas/login?service=http%3A%2F%2F10.146.66.21%3A8084%2FsnCASclient%2F
10.146.66.21 - - [17/Jul/2010:15:27:33 IST] "POST /cas/login HTTP/1.1" 302 0
https://10.146.64.153:8443/cas/login?service=http%3A%2F%2F10.146.66.21%3A8084%2F
snCASclient%2F -> /cas/login
[2010-07-17 15:27:36] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 
errno=0 state=SSLv3 read client certificate A: s                                
                    slv3 alert certificate unknown
        /opt/ruby-enterprise-1.8.7-2010.01/lib/ruby/1.8/openssl/ssl.rb:166:in `accept'
[2010-07-17 15:27:56] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 
errno=0 state=SSLv3 read client certificate A: sslv3 alert certificate unknown
        /opt/ruby-enterprise-1.8.7-2010.01/lib/ruby/1.8/openssl/ssl.rb:166:in `accept'
[2010-07-17 15:27:57] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 
errno=0 state=SSLv3 read client certificate A: sslv3 alert certificate unknown
        /opt/ruby-enterprise-1.8.7-2010.01/lib/ruby/1.8/openssl/ssl.rb:166:in `accept'

Please use labels and text to provide additional information.
my config.yml file has :-

server: webrick
#port: 8080

port: 8443

ssl_cert: /home/ruby/ssl_certificates/server.crt
ssl_key: /home/ruby/ssl_certificates/server.key

How can this be solved ?

Original issue reported on code.google.com by nambia...@gmail.com on 17 Jul 2010 at 10:08

GoogleCodeExporter commented 9 years ago 
Looks like some sort of SSL problem... either with the OpenSSL library, or 
something about the way your client is doing its SSL negotiation. This is a bit 
outside of my area of expertise... hopefully someone can tackle this?

Original comment by matt.zuk...@gmail.com on 2 Aug 2010 at 10:01

GoogleCodeExporter commented 9 years ago 
Probably you don't have imported your custom certificates in client side, for 
example:

 keytool -import -alias localhost -file /root/certificates/server.crt -trustcacerts -v -keystore /usr/lib/jvm/java-1.6.0/jre/lib/security/cacerts

default password of keystore is: changeit

Antonio

Original comment by ants...@gmail.com on 13 Sep 2010 at 2:23