You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by "Egger, Alexander" <a....@kfunigraz.ac.at> on 2001/11/11 13:40:36 UTC

SSL client authentication

We have the following problem:

We use Tomcat with SSL  client authentication.
Server side:
cacerts: Thawte Root certificate, A-Sign Root certificate
server-keystore: Thawte Server Certificate + private key, client certificate
from A-Sign


Client side (IE5)
A-Sign user certificate + private key
A-Sign root certificate


If we connect to tomcat with IE an empty window is opening with select
certificate.
In the java ssl debug output we see that the certchain is sent including the
A-Sign Root CA.


If we delete the cacerts file on the server side and we connect with the IE
the window for choosing the certificate pops up including our A-Sign client
cert. If we choose this A-Sign client cert java ssl writes bad_certificate.

Any ideas what is wrong? Nervous breakdown pending.... THREE, TWO....  

THANKS!

----
Alexander Egger

project.service.bureau 
University of Innsbruck
Innrain 52 / A-6020 Innsbruck / Austria
E-mail: a.egger@uni-graz.at
Phone: +43 512 507 9055 
Fax: +43 512 507 2607

http://meta-e.uibk.ac.at/
http://www.literature.at/

--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>