[Catalina] SSL - choosing of server certificates

[Serle Shuman <se...@creator.co.za>]

After investigation I've found that the first certificate added to the kestore is returned and used as the server certificate. i.e. given that multiple certificates exist in the keystore, the certificate which was added first is returned. This corresponds to the -list command ordering. I would like to be able to choose which certificate should be used. Does anyone have any ideas?

Serle

Re: [Catalina] SSL

[Derek DeMoro <dd...@home.com>]

Also, where is SSLSession defined.  SSLServerSocket does not subclass it
all?

Derek

----- Original Message -----
From: "Derek DeMoro" <dd...@home.com>
To: <to...@jakarta.apache.org>
Sent: Wednesday, August 09, 2000 9:16 PM
Subject: Re: [Catalina] SSL


> There is no clientauth variable.
>
> Derek
>
> ----- Original Message -----
> From: "Warner Onstine" <on...@intalio.com>
> To: <to...@jakarta.apache.org>
> Sent: Wednesday, August 09, 2000 5:14 PM
> Subject: Re: [Catalina] SSL
>
>
> > Set the clientauth variable to true in server.xml - for more in depth
info
> > on what this does check out SSLServerSocketFactory.java in the net
package
> > of Tomcat.
> >
> > -warner
> >
> > ----- Original Message -----
> > From: Derek DeMoro
> > To: tomcat-dev@jakarta.apache.org
> > Sent: Sunday, August 06, 2000 8:25 PM
> > Subject: Re: [Catalina] SSL
> >
> >
> > Hello All,
> >      Just looking for an how to request and read  a client certificate.
> > There does not seem to be any hint inside
> > of Server.xml.
> >
> > Thank You,
> > Derek DeMoro
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>

Re: [Catalina] SSL

[Remy Maucherat <re...@apache.org>]

> There is no clientauth variable.

I never tried client auth, so it may not work, but try adding this parameter
to the Connector in server.xml :

       <Parameter name="clientauth"
                value="true" />

Remy

Re: [Catalina] SSL

[Derek DeMoro <dd...@home.com>]

There is no clientauth variable.

Derek

----- Original Message -----
From: "Warner Onstine" <on...@intalio.com>
To: <to...@jakarta.apache.org>
Sent: Wednesday, August 09, 2000 5:14 PM
Subject: Re: [Catalina] SSL


> Set the clientauth variable to true in server.xml - for more in depth info
> on what this does check out SSLServerSocketFactory.java in the net package
> of Tomcat.
>
> -warner
>
> ----- Original Message -----
> From: Derek DeMoro
> To: tomcat-dev@jakarta.apache.org
> Sent: Sunday, August 06, 2000 8:25 PM
> Subject: Re: [Catalina] SSL
>
>
> Hello All,
>      Just looking for an how to request and read  a client certificate.
> There does not seem to be any hint inside
> of Server.xml.
>
> Thank You,
> Derek DeMoro
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>

Re: [Catalina] SSL

[Warner Onstine <on...@intalio.com>]

Set the clientauth variable to true in server.xml - for more in depth info
on what this does check out SSLServerSocketFactory.java in the net package
of Tomcat.

-warner

----- Original Message -----
From: Derek DeMoro
To: tomcat-dev@jakarta.apache.org
Sent: Sunday, August 06, 2000 8:25 PM
Subject: Re: [Catalina] SSL


Hello All,
     Just looking for an how to request and read  a client certificate.
There does not seem to be any hint inside
of Server.xml.

Thank You,
Derek DeMoro

Re: [Catalina] SSL

[Derek DeMoro <dd...@home.com>]

Hello All,
     Just looking for an how to request and read  a client certificate.  There does not seem to be any hint inside 
of Server.xml.

Thank You,
Derek DeMoro