Yes. I understand the distinction...I was typing quickly :) I do get an error in my cas-management log about ssl - but my regular /cas/login link loads just fine (self signed cert on this particular server)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) ~[?:1.8.0_171] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:1.8.0_171] at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:1.8.0_171] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ~[?:1.8.0_171] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[?:1.8.0_171] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) ~[?:1.8.0_171] at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) ~[?:1.8.0_171] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) ~[?:1.8.0_171] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) ~[?:1.8.0_171] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) ~[?:1.8.0_171] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) ~[?:1.8.0_171] at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:1.8.0_171] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.8.0_171] at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564) ~[?:1.8.0_171] at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492) ~[?:1.8.0_171] at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263) ~[?:1.8.0_171] at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431) ~[cas-client-core-3.4.1.jar:3.4.1] at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41) ~[cas-client-core-3.4.1.jar:3.4.1] at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193) ~[cas-client-core-3.4.1.jar:3.4.1] at org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61) ~[pac4j-cas-2.2.0.jar:?] at org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68) ~[pac4j-cas-2.2.0.jar:?] at org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37) ~[pac4j-cas-2.2.0.jar:?] at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44) ~[pac4j-core-2.2.0.jar:?] at org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113) ~[pac4j-core-2.2.0.jar:?] ... 72 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[?:1.8.0_171] at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[?:1.8.0_171] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[?:1.8.0_171] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) ~[?:1.8.0_171] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:1.8.0_171] at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:1.8.0_171] at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:1.8.0_171] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ~[?:1.8.0_171] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[?:1.8.0_171] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) ~[?:1.8.0_171] at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) ~[?:1.8.0_171] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) ~[?:1.8.0_171] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) ~[?:1.8.0_171] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) ~[?:1.8.0_171] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) ~[?:1.8.0_171] at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:1.8.0_171] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.8.0_171] at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564) ~[?:1.8.0_171] at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492) ~[?:1.8.0_171] at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263) ~[?:1.8.0_171] at org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:431) ~[cas-client-core-3.4.1.jar:3.4.1] at org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:41) ~[cas-client-core-3.4.1.jar:3.4.1] at org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:193) ~[cas-client-core-3.4.1.jar:3.4.1] at org.pac4j.cas.credentials.authenticator.CasAuthenticator.validate(CasAuthenticator.java:61) ~[pac4j-cas-2.2.0.jar:?] at org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:68) ~[pac4j-cas-2.2.0.jar:?] at org.pac4j.cas.client.direct.DirectCasClient.retrieveCredentials(DirectCasClient.java:37) ~[pac4j-cas-2.2.0.jar:?] at org.pac4j.core.client.DirectClient.getCredentials(DirectClient.java:44) ~[pac4j-core-2.2.0.jar:?] at org.pac4j.core.engine.DefaultSecurityLogic.perform(DefaultSecurityLogic.java:113) ~[pac4j-core-2.2.0.jar:?] On Thursday, May 17, 2018 at 4:16:06 PM UTC-4, rbon wrote: > > Jen, > > I think you mean a cas-management error and not 'CAS error'. > Are CAS and cas-management running on the same tomcat? > Logging config for cas-management is in log4j2-management.xml which also > introduces cas-management.log. > > Ray > > On Thu, 2018-05-17 at 12:55 -0700, Jennifer LaVoie wrote: > > > nothing helpful in cas.log or catalina.out that I can see > > it seems to be CAS error because the leaf is on the tab and above the > error that I posted it says > > Cas Service Management > > Jen > > On Thursday, May 17, 2018 at 3:44:27 PM UTC-4, David Curry wrote: > > Haven't seen that one, that I can recall. > > Is that a CAS error (shows in a CAS-branded web page) or a Tomcat error? > > Do the logs (cas.log and/or catalina.out) say anything helpful? > > > > -- > > DAVID A. CURRY, CISSP > *DIRECTOR OF INFORMATION SECURITY* > INFORMATION TECHNOLOGY > > 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 > +1 212 229-5300 x4728 • [email protected] > > [image: The New School] > > On Thu, May 17, 2018 at 3:40 PM, Jennifer LaVoie <[email protected]> > wrote: > > I updated the management.properties file with some ports specifically > defined. And that is now working as expected... > > However, I get this > > The CAS management webapp is unavailable. > > There was an error trying to complete your request. Please notify your > support desk or try again. > > > > > > On Thursday, May 17, 2018 at 3:18:42 PM UTC-4, Jennifer LaVoie wrote: > > So I have followed all the steps here > > > https://dacurry-tns.github.io/deploying-apereo-cas/building_svcmgmt_configure-webapp-properties.html > > (awesome site) > > And when I try to go to > > https://cashost:8443/cas-management > > I am redirected to here > > > https://casserver.herokuapp.com/cas/login?service=https%3A%2F%2Fcashost%3A8443%2Fcas-management%2Fmanage.html > > I have already logged into my cas. > > What config file have I forgotten to change? > > Jen > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/53c3f120-14ec-41af-8447-1db0e370795e%40apereo.org?utm_medium=email&utm_source=footer> > . > > > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] <javascript:> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0ea63b46-e684-4b97-9114-9fe576d81785%40apereo.org.
