You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ar...@fr.thalesgroup.com on 2001/06/12 15:28:32 UTC
SSL +tomcat
hello all,
I am testing Tomcat standalone with client authentication on, and getting
some odd results. It works fine if client authentication is not turned on
(for both IE and Netscape browsers). If I turn on client authentication,
Netscape claims that I do not have a personal certificate, and IE asks me to
choose from an empty list of certificates.
Any ideas on the problem with the certificate request when I use Tomcat
standalone? Is there some configuration to indicate the type of certificate
the server is requesting? I am using both client & server certificates
generated by Openssl.
More precisely I have an Server Certificate stored in Keystore (Tomcat side)
and a client
Certificate integrated in my browser. Both certificates are signed by a CA
Authority whose
certificate is on my browser too.
This problem has been already encoutered by many people
(bnelson@extricity.com for example)
Many thanks,
Arnaud Pierre.
PS: I use tomcat 4.0b5
RE: SSL +tomcat
Posted by Rams <ra...@cmcltd.com>.
Actually,
when trying with any browser, u have to configure ur client and ca cert
in the browser keystore.
when thru' code also, have to put both certs and ur ca cert in the keystore
that u specified in server.xml.
once u configure, browser show the client cert when clientAuth=true.
try with this
Rams
+91-040-3000401 x 2162 (O)
+91-040-6313447 (R)
-----Original Message-----
From: Arnaud.PIERRE@fr.thalesgroup.com
[mailto:Arnaud.PIERRE@fr.thalesgroup.com]
Sent: Tuesday, June 12, 2001 6:59 PM
To: tomcat-user@jakarta.apache.org
Subject: SSL +tomcat
hello all,
I am testing Tomcat standalone with client authentication on, and getting
some odd results. It works fine if client authentication is not turned on
(for both IE and Netscape browsers). If I turn on client authentication,
Netscape claims that I do not have a personal certificate, and IE asks me to
choose from an empty list of certificates.
Any ideas on the problem with the certificate request when I use Tomcat
standalone? Is there some configuration to indicate the type of certificate
the server is requesting? I am using both client & server certificates
generated by Openssl.
More precisely I have an Server Certificate stored in Keystore (Tomcat side)
and a client
Certificate integrated in my browser. Both certificates are signed by a CA
Authority whose
certificate is on my browser too.
This problem has been already encoutered by many people
(bnelson@extricity.com for example)
Many thanks,
Arnaud Pierre.
PS: I use tomcat 4.0b5