this error will be cause from curl ssl version. phpCAS library using curl.
This curl works well in Apache2 + openssl's SSL but not work at Tomcat SSL.
You cant test curl function as like following:
curl --url 'http://lms.example.com/login/index.php?authCAS=CAS' --cacert /etc/ssl/certs/ca-cert.pem --sslv3
As your site, omit option --sslv3 will be not work.
So, You have to setting curl SSL Version Option!
my configuration is :
openLDAP + CAS 3.4.11 + moodle 2.2.1 + phpCAS1.2.2
First of All, I'd change phpCAS bundle to phpCAS1.2.2.
you can download phpCAS1.2.2 from https://wiki.jasig.org/display/CASC/phpCAS.
and tar xvzf CAS-1.2.2.tgz. After unzip, you have to backup original phpCAS at moodle/auth/cas/CAS to CAS-org.
After that, move CAS-1.2.2 directory to moodle/auth/cas/CAS .
And then, go to the directory moodle/auth/cas/CAS/CAS/Request
And then edit the CurlRequest.php file. go to 78 line and add following line:
if ($this->caCertPath) {
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_CAINFO, $this->caCertPath);
curl_setopt($ch, CURLOPT_SSLVERSION, 3); // -- Add this line for SSL Version Setting to 3
phpCAS::trace('CURL: Set CURLOPT_CAINFO');
save change and then login test plz... You will be Login successfully!
Note: If user Account already exists in moodle, You have to change user's authentication method to CAS(SSO).