CAS proxy validation failure - Configured TLS trust engine was not used

Cantor, Scott cantor.2 at
Mon Aug 17 18:08:18 UTC 2020

On 8/17/20, 1:35 PM, "users on behalf of Paul B. Henson" <users-bounces at on behalf of henson at> wrote:

>    Hmm, while I do plan to at some point use a custom client for CAS proxy validation, I haven't done that yet; it should
> be using the system default one. Also, it works the first time, but then gives that error the second time? Shouldn't it be
> using the same client both times? Why would it be configured correctly the first time, but incorrectly the second?

Yes, so my only conclusion is that the error means what it says. The second client can't be running a trusted certificate at the proxy validation endpoint and that's just the fallout from it not being able to verify it.

Otherwise it's a complex bug with no real quick answer.

-- Scott

More information about the users mailing list