
I have 2 servers. Server1 runs Ubuntu 12.04 LTS with Alfresco 4.2 on Tomcat. Server2 runs Windows 7 with my CAS server (SSO) in an Eclipse installation. Both have Apache with mod_proxy_ajp in front to negotiate SSL.

Alfresco on server1.tld returns CAS on server2.tld. But when I log in, Alfresco/Tomcat on server1 returns an exception:

    java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching server2.tld found

Vhost on server1:

    <VirtualHost *:80>
        ServerName server1.tld
        Redirect permanent / https://server1.tld/
    </VirtualHost>

    <VirtualHost *:443>
        ServerName server1
        ServerAdmin [email protected]
        DocumentRoot "/home/user/alfresco-4.2.e/"
        CustomLog /var/log/apache2/access.ged.log combined
        ErrorLog /var/log/apache2/errors.ged.log
        Header Always set Cache-Control "no-cache,no-store"
        Header Always set Pragma "no-cache"
        Header Always set Expires 0
        RewriteEngine On
        ProxyPass / ajp://server1.tld:8039/
        ProxyPassreverse / ajp://server1.tld:8039/
        SSLEngine on
        SSLProtocol all -SSLv2
        SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
        SSLCertificateFile /etc/ssl/certs/server1.tld.crt
        SSLCertificateKeyFile /etc/ssl/private/server1.tld.pem
        SSLCACertificateFile /etc/ssl/certs/ca.crt
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    </VirtualHost>

Vhost on server2:

    <VirtualHost *:80>
        ServerName server2.tld
        Redirect permanent / https://server2.tld
    </VirtualHost>

    <VirtualHost *:443>
        ServerName server2.tld
        ServerAdmin [email protected]
        DocumentRoot "C:\Users\user\eclipse\sso-cas\cas.web"
        CustomLog logs/access.cas.log combined
        ErrorLog logs/errors.cas.log
        Header Always set Cache-Control "no-cache,no-store"
        Header Always set Pragma "no-cache"
        Header Always set Expires 0
        RewriteEngine On
        ProxyPass / ajp://server2.tld:8029/
        ProxyPassreverse / ajp://server2.tld:8029/
        SSLEngine on
        SSLProtocol all -SSLv2
        SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
        SSLCertificateFile "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf\server2.tld.crt"
        SSLCertificateKeyFile "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf\server2.tld.pem"
        SSLCACertificateFile "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf\ca.crt"
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    </VirtualHost>

How can I solve that? Without any code changes in Alfresco, if possible.

EDIT

Perhaps the problem is the Tomcat server.xml configuration? Current configuration in the Tomcat server.xml on server1:

    <Connector port="8039" URIEncoding="UTF-8" protocol="AJP/1.3" redirectPort="8473" />

Current configuration in the Tomcat server.xml on server2:

    <Connector port="8029" protocol="AJP/1.3" redirectPort="8443"/>

I have no SSL attributes because I think communication between Apache and Tomcat is non-secure. But is something wrong?

  • It looks as if one of your certs misses server1.tld in the CN or subject alt name list. Commented Mar 18, 2014 at 15:46
  • Sorry, there is a mistake. The exception concerns server2 on server1: No name matching server2.tld found. I have just checked the Common Name and Internal Name of server2.tld.crt. It's the same. Commented Mar 19, 2014 at 8:37
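
Added example (not part of the original question or its comments): the name check the first comment points at, written as a simplified Python model of the RFC 2818 rule that HTTPS clients apply, where dNSName subject alternative names take precedence and the CN is consulted only when no such SAN exists. The dict shape is the one Python's `ssl.SSLSocket.getpeercert()` returns; the function names and the three sample certificates are constructed for illustration.

```python
"""Check a hostname against a certificate's names: SAN first, CN only as fallback."""


def _label_match(pattern, host):
    """Case-insensitive match; '*' is honoured only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:
        return p[1:] == h[1:]
    return p == h


def names_in(cert):
    """Return (dNSName SANs, commonNames) from a getpeercert()-style dict."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return sans, cns


def check_hostname(cert, host):
    """Return (ok, reason). If any dNSName SAN exists, the CN is ignored."""
    sans, cns = names_in(cert)
    if sans:
        ok = any(_label_match(s, host) for s in sans)
        return ok, "matched SAN" if ok else f"no SAN dNSName matches {host}: {sans}"
    ok = any(_label_match(c, host) for c in cns)
    return ok, "matched CN" if ok else f"no SAN present and CN does not match {host}: {cns}"


# Constructed sample certificates (not taken from the servers in the question).
CERT_SHORT_CN = {"subject": ((("commonName", "server2"),),)}
CERT_CN_ONLY = {"subject": ((("commonName", "server2.tld"),),)}
CERT_SAN_OTHER = {
    "subject": ((("commonName", "server2.tld"),),),
    "subjectAltName": (("DNS", "server1.tld"),),
}

if __name__ == "__main__":
    samples = [("short CN", CERT_SHORT_CN), ("CN only", CERT_CN_ONLY),
               ("SAN for another host", CERT_SAN_OTHER)]
    for label, cert in samples:
        print(label, "->", check_hostname(cert, "server2.tld"))
```

The third sample fails even though its CN equals the requested host, because a dNSName SAN is present and does not list it.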
