Red Hat Bugzilla – Bug 972872
would like update to mod_auth_cas 1.0.10
Last modified: 2015-10-30 11:26:40 EDT
Description of problem:
Version 1.0.10 fixes a security problem in previous versions. Current version also does not play well with SSL certificates that use intermediate CA certs.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. set CASLoginURL to an SSL server using an SSL certificate signed with intermediate CA cert (e.g. digicert would be an example)
2. try accessing CAS protected resource
Error log always says
[Mon Jun 10 12:04:32 2013] [error] [client XXX] MOD_AUTH_CAS: Certificate CN does not match XXX
Newer versions of mod_auth_cas switched SSL infrastucture so they could handle SSL certificates better.
The current version on EPEL (220.127.116.11) does not work with SAML Validation.
I did a straight recompile from source (1.0.10), and it worked right away.
Version 1.0.10 is already a year old.
Version 1.0.10 still hasn't had a stable release from upstream. We generally don't ship pre-release software in EPEL. I'll update once it's released.