From 20c729de4ca2411346949fc7c9b3fef67b63d527 Mon Sep 17 00:00:00 2001
From: Marc MAURICE <mmaurice@x2i.fr>
Date: Tue, 19 Dec 2017 16:13:39 +0100
Subject: [PATCH] Update doc to add info on self signed cas certs

I spent hours on this.
Trying to add the cas server certificate in /etc/cas/jetty/thekeystore : no success.
I also tried to separate the trust store in another file changing jetty.ssl.truststore.path : no success.

Always had the error :
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Finally, adding it to the global keystore solved my problem.
---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index d5a4d2d..9712dd8 100644
--- a/README.md
+++ b/README.md
@@ -12,6 +12,7 @@ the application server in the [`web.xml`](https://github.com/UniconLabs/cas-samp
 
 * Create a Java keystore at `/etc/cas/jetty/thekeystore` with the password `changeit`.
 * Import your server certificate inside this keystore.
+* If your CAS server certificate is self signed, import it in the system global keystore (/etc/pki/java/cacerts on some systems)
 
 ```bash
 mvn clean package jetty:run-forked