I'm running CAS authentication on one server, and a website that is to be secured on a separate server on my local network.
When I ran both CAS and Apache on the same server, they worked fine. When I separated them to two different physical hosts, they don't work anymore.
The CAS-login works fine, but when I get redirected back to my apache after logging in, I get this in the apache log:
"mod_auth_cas: Could not perform SSL handshake with example.casserver.com (check CASCertificatePath)".
I checked CASCertificatePath, and I verified it points to the correct certificate (certificate of the CAS-server). I obtain the certificate by copying it from the cas-host to the apache-host, and I verified that the file is readable, and that the url resolves and is correct.
Anyone know what might be wrong?
Since I'm only doing this within a confined local network, there is no point in involving the CAs, so the certificate used by the CAS-server is a simple self-signed certificate made by the jdk-tool:
keytool -genkey -keyalg "RSA" -dname
Is this the problem? Does mod_auth_cas require the certificate to be CA-signed, for instance by creating my own CA for the network using TinyCA2?