1. webapp对接到CAS认证时,若CAS Server端的tomcat配置了SSL,则对接的webapp所在的JAVA环境要导入CAS Server端tomcat所用的CRT证书,Windows上的导入命令是:

keytool -import -keystore %JAVA_HOME%\jre\lib\security\cacerts -file g:\sso\ssodemo.crt -alias ssodemo

Linux导入命令类似。

附上生成自制证书的命令:

keytool -genkey -alias ssodemo -keyalg RSA -keysize  -keypass michaelpwd -validity  -keystore g:\sso\ssodemo.keystore -storepass michaelpwd
keytool -export -alias ssodemo -keystore g:\sso\ssodemo.keystore -file g:\sso\ssodemo.crt -storepass michaelpwd

2.

05-02 05:25