You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Panos Skondras <pa...@hq.acn.gr> on 2002/10/03 08:50:01 UTC
Tomcat SSL
Hi all
I am trying to start Tomcat using https with client auth but
so far nothing.
I have downloades JSSE put the jar in the right place(https works if i
put clientauth=false in
server.xml).
I have created a key with keytool and also
export a key to put it in the IE trusted root dir.
But when i enable client auth=true and ty again i get
The page cannot be displayed page from tomcat no
logging is done..
Can anyone give me some hints..
The client certificate is not from a CA but it is created by me with
keytool
The client certificate and the server certificate must exist somewhere
in tomcat path?
thx inadvance
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Tomcat SSL
Posted by Mehmet Birgi <me...@otego.com>.
The server certificate must be where you set it up in your server.xml (for
details, see the tomcat-ssl-howto). This will enable Tomcat to identify
itself to the client.
The client certificate's CA's public key (or just the whole certificate)
must be imported into %JAVA_HOME%/jre/lib/security/cacerts (the default
truststore that Tomcat uses), or, you have to define the system property for
the truststore in Tomcat's JVM if you want to use another truststore than
the default. This will enable Tomcat to trust the client.
cheers,
memo
----- Original Message -----
From: "Panos Skondras" <pa...@hq.acn.gr>
To: <to...@jakarta.apache.org>
Sent: Thursday, October 03, 2002 08:50
Subject: Tomcat SSL
> Hi all
> I am trying to start Tomcat using https with client auth but
> so far nothing.
> I have downloades JSSE put the jar in the right place(https works if i
> put clientauth=false in
> server.xml).
> I have created a key with keytool and also
> export a key to put it in the IE trusted root dir.
> But when i enable client auth=true and ty again i get
> The page cannot be displayed page from tomcat no
> logging is done..
> Can anyone give me some hints..
> The client certificate is not from a CA but it is created by me with
> keytool
> The client certificate and the server certificate must exist somewhere
> in tomcat path?
> thx inadvance
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>