CAS proxy validation failure - Configured TLS trust engine was not used
cantor.2 at osu.edu
Mon Aug 17 18:08:18 UTC 2020
On 8/17/20, 1:35 PM, "users on behalf of Paul B. Henson" <users-bounces at shibboleth.net on behalf of henson at cpp.edu> wrote:
> Hmm, while I do plan to at some point use a custom client for CAS proxy validation, I haven't done that yet; it should
> be using the system default one. Also, it works the first time, but then gives that error the second time? Shouldn't it be
> using the same client both times? Why would it be configured correctly the first time, but incorrectly the second?
Yes, so my only conclusion is that the error means what it says. The second client can't be running a trusted certificate at the proxy validation endpoint and that's just the fallout from it not being able to verify it.
Otherwise it's a complex bug with no real quick answer.
More information about the users