You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Barbara Nelson <bn...@extricity.com> on 2000/11/15 01:27:02 UTC

Client certificates in Tomcat 3.2 beta7

I am testing Tomcat standalone with client authentication on, and getting
some odd results.  It works fine if client authentication is not turned on
(for both IE and Netscape browsers).  If I turn on client authentication,
Netscape claims that I do not have a personal certificate, and IE asks me to
choose from an empty list of certificates.  If I go via Apache/SSL, and
redirect to Tomcat, it works fine.  Netscape lets me choose the certificate,
IE shows the certificate in the list, and I can see the certificate in the
SnoopServlet output.

Any ideas on the problem with the certificate request when I use Tomcat
standalone?  Is there some configuration to indicate the type of certificate
the server is requesting?  I am using a self-signed certificate, generated
via keytool, on the server.  In the browser, I have a verisign personal
certificate.

Many thanks,
Barbara Nelson.