CAS GH HTTPS configuration

With esup-cas-quick-start, you can use an already exxisting certificate or generate a self-signed new one (by default).

How to use an existing certificate

You can tell esup-cas-quick-start to use a certificate that was previously created for your needs by setting ${jakarta-tomcat.genkey} to false in properties/build.properties, and then precise the keystore to use, the alias of the certificate in the keystore, the keystore password and the key password.

You will write something like:

jakarta-tomcat.keystore.genkey=false
jakarta-tomcat.keystore.path=C:/certs/server.ks
jakarta-tomcat.keystore.alias=jakarta-tomcat
jakarta-tomcat.keystore.storepass=secret
jakarta-tomcat.keystore.keypass=${jakarta-tomcat.keystore.storepass}

How to create a self-signed certificate (for test purposes only)

If you do not have a certificate for your CAS server, you can tell esup-cas-quick-start to create it by setting ${jakarta-tomcat.genkey} to true in properties/build.properties, and then precise the characteristics of the certificate:

jakarta-tomcat.keystore.genkey=true
jakarta-tomcat.keystore.alias=jakarta-tomcat
jakarta-tomcat.keystore.storepass=secret
jakarta-tomcat.keystore.keypass=${jakarta-tomcat.keystore.storepass}
jakarta-tomcat.keystore.keyalg=RSA
jakarta-tomcat.keystore.dname.cn=localhost
jakarta-tomcat.keystore.dname.ou=v
jakarta-tomcat.keystore.dname.o=Esup-Portail.Org
jakarta-tomcat.keystore.dname.c=FR

You also have to precise the path to keytool program (otherwise will default to ${env.JAVA_HOME}/bin/keytool.exe):

jakarta-tomcat.keytool.path=C:/keytool.exe