We planned to change our E-mail service provider to Gmail, but for some reason this plan was asked to abort by the boss. However, before the plan aborts, I somehow managed to make Google to work with our SSO that is built on Apereo CAS.
When I was working on this, an article provided me very much help: CAS configuration for G Suite , as well as some offical documents listed below:
But after reading those texts, I did not find out where to place my certificate and revalent private key, so I digged into the source code repository and found the way. If you look at the source code , you will find out it act like this:
- check if metadata.xml exists, if not generate one ( and public/private keys etc. )
- before generating cert and key files (for both signing and encryption), check if there is any existing file, force delete if found ( check code)
If you do not have metadata and certificate/key files, the most easy way to get one is to build a testing server to let it generates those files for you.
If you already have those files, just place it in
/etc/cas/, or under the directory you specified by setting