SSL/TLS spanning over two Tomcat servers

["Kolev, Ivo" <Iv...@experian.com>]

Hallo,

 

I'll appreciate help on the following topic ...

 

I've setup TLS/SSL on two Tomcat servers, both using one server key and
having identical trust stores. Client certs are requested for
authentication purposes. One of the servers runs some authentication app
and the other hosts some "regular" web apps. Users are allowed to enter
through both servers, e.g. first authenticate and then getting
redirected to web apps, or going first to web app and getting redirected
to the authentication server if authentication is not completed.

 

In general it works well, but the user is prompted twice to provide
client certificate. Can this be solved in a way that only one
certificate prompt appears?

 

Cheers, Ivo Kolev




Information in this e-mail and any attachments is confidential, and may not be copied or used by anyone other than the addressee, nor disclosed to any third party without our permission. There is no intention to create any legally binding contract or other binding commitment through the use of this electronic communication unless it is issued in accordance with the Experian Limited standard terms and conditions of purchase or other express written agreement between Experian Limited and the recipient. Although Experian has taken reasonable steps to ensure that this communication and any attachments are free from computer virus, you are advised to take your own steps to ensure that they are actually virus free. 

Companies Act information: Registered name: Experian Limited. Registered office: Landmark House, Experian Way, NG2 Business Park, Nottingham, NG80 1ZZ, United Kingdom. Place of registration: England and Wales. Registered number: 653331