You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ramsay Domloge <rd...@arkemedia.com> on 2003/03/21 14:26:55 UTC
+ExportCertData causes certificate conversion error
Hey All,
Sorry for the repeated postings, but this problem is something of an
urgent one...
I am experiencing an error in Tomcat when it tries to build the client
certificate object into the request before being passed to my servlet. I
am using Apache 2.0.44 with mod_ssl and mod_jk. The sysem requires 2-way
authentication, so the client certificate data needs to get back to
Tomcat for processing.
It all seems to work fine until I use" SSLOptions +ExportCertData", This
should make sure that mod_jk conveys the certificate through to Tomcat
for reconstitution as a Certificate object. However, the conversion
process fails:
SEVERE: Certificate convertion failed
java.security.cert.CertificateException: Unable to initialize,
java.io.IOException: insufficient data
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:289)
at
sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:94)
...
I cannot believe that I am the only one that is trying to implement
2-way authentication with Tomcat... Please can anyone that has had
experience of setting this up, or who knows of a good web site contact
me on this list or at rdomloge@arkemedia.com
Help!!
Ramsay
============================================================================
A R K E M E D I A T E C H N O L O G I E S L T D
VIEW POINT BASING VIEW BASINGSTOKE HAMPSHIRE RG21 4RG
http://www.arkemedia.com
mailto:info@arkemedia.com
Tel : +44 1256 869 200 Fax : +44 1256 329 119
============================================================================
The information in this e-mail and in any attachments is confidential and
is intended solely for the attention and use of the named addressee(s).
============================================================================
If you are not the intended recipient, or a person responsible for passing
it on to the intended recipient, you are not authorised to hold a copy of
this information and you must therefore not disclose, copy, distribute, or
retain this message or any part of it. MAILTO:Administrator@arkemedia.com
============================================================================
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org