I've spent most of the day trying to figure this out, but thus far it has beaten me.
I am on the final stages of my CAS deployment, LDAP working, password policies working, prettied up the theme, but when putting the server up behind my load balancer I'm still getting "Non-Secure Connection". I've changed my jetty.xml slightly in thinking disabling the port 8080 connector would do the trick, nope. It's now serving only on port 8443 but won't accept https connections. Attached are the Jetty xml files. I've tried adding different connectors from here with no luck: http://www.eclipse.org/jetty/documentation/9.1.5.v20140505/configuring-connectors.html Here's what I see in the logs too, doesn't look to be using https: [STDERR] 2016-10-26 21:16:49.545:INFO:/cas:main: Initializing Spring FrameworkServlet 'cas' [STDERR] 2016-10-26 21:16:49.740:INFO:oejsh.ContextHandler:main: Started o.e.j.m.p.JettyWebAppContext@64c87930{/cas,[file:///cas-overlay/src/main/webapp/, file:///cas-overlay/target/tmp/cas-server-webapp-4_2_6_war1/],AVAILABLE} [STDERR] 2016-10-26 21:16:49.761:INFO:oejus.SslContextFactory:main: x509=X509@502f9271(root,h=[psd401.net],w=[psd401.net]) for SslContextFactory@313b6907(file:///etc/cas/jetty/thekeystore,file:///etc/cas/jetty/thekeystore) [STDERR] 2016-10-26 21:16:49.765:INFO:oejus.SslContextFactory:main: x509=X509@3f64a088(tomcat,h=[],w=[]) for SslContextFactory@313b6907(file:///etc/cas/jetty/thekeystore,file:///etc/cas/jetty/thekeystore) [STDERR] 2016-10-26 21:16:49.820:INFO:oejs.ServerConnector:main: Started ServerConnector@31e9f7ae{HTTP/1.1,[ssl, http/1.1]}{0.0.0.0:8443} [STDERR] 2016-10-26 21:16:49.820:INFO:oejs.Server:main: Started @10826ms [STDOUT] -1PB1KXG2D6QF6 I figured that if I added my nginx certificate to my keystore, that would do the trick. This didn't work either. In previous CAS versions I remember having to change the server.xml, but I can't find how to change that file with 4.2.6. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0bf464c6-7604-437b-956a-d0ee6034f124%40apereo.org.
jetty-https.xml
Description: XML document
jetty-ssl.xml
Description: XML document
jetty.xml
Description: XML document
