I immediately ran into problems with the following error:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
This error occured because the certificate being referenced was not in my JRE's keystore. I was able to resolve following the procedure at dreamingthings blog.
I was not thru yet. I then got this error:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
This error arose since I was using the IP address of the server in the CAS authentication URL. While I had used the IP for the Common Name (CN) entry while generating the certificate, this sun forum answer by user ejp discourages that.
I finally regenerated the self signed certificate, making sure that I used the hostname for the CN entry. There were no more errors after that :)
My next post should be on getting ZK to show the CAS username saved in the session.
