You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by klute <so...@yahoo.com> on 2003/03/28 04:28:43 UTC

Re: Correction - How to configure Tomcat to accept certificates from certain CA's?

Correction - I realized that I gave you the wrong path
before. The "cacerts" keystore is located at: 

<java-home>/jre/lib/security

you will need to use the keytool that came with your
jdk to import the CA cert into this cacerts. while
importing you need to use a switch -storetype trusted
(i believe)

hope this helps,
james

--- Mark Liu <ma...@yahoo.com> wrote:
> 
> I am trying to do mutual SSL authentication via
> certificates. 
> 
> I have installed both my personal and the CA's
> certificates in my IE browser. 
> 
> When I visit my Web server which requires client
> authentication via HTTPS, IE certainly brings up the
> dialog box for me to choose a certificate, but it
> does not give me a list of my certificates to choose
> from!
> 
> Please click the following link to get a better
> picture of my problem.
> 
> http://www.geocities.com/markliu1989/
> 
> Do any of you know what this problem is please?  And
> how can fix this?  Thanks a lot.
> 
> 
> 
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Platinum - Watch CBS' NCAA March Madness,
> live on your desktop!


__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Correction - How to configure Tomcat to accept certificates from certain CA's?

Posted by Mark Liu <ma...@yahoo.com>.
Oh, man!  You are great!  It is exactly this problem.
It works now!  But still I don't quite understand how the cacerts keystore is related to the Tomcat server. 
Does the Tomcat server also reads this keystore?
Thank you! Klute.
 klute <so...@yahoo.com> wrote:Correction - I realized that I gave you the wrong path
before. The "cacerts" keystore is located at: 

/jre/lib/security

you will need to use the keytool that came with your
jdk to import the CA cert into this cacerts. while
importing you need to use a switch -storetype trusted
(i believe)

hope this helps,
james

--- Mark Liu wrote:
> 
> I am trying to do mutual SSL authentication via
> certificates. 
> 
> I have installed both my personal and the CA's
> certificates in my IE browser. 
> 
> When I visit my Web server which requires client
> authentication via HTTPS, IE certainly brings up the
> dialog box for me to choose a certificate, but it
> does not give me a list of my certificates to choose
> from!
> 
> Please click the following link to get a better
> picture of my problem.
> 
> http://www.geocities.com/markliu1989/
> 
> Do any of you know what this problem is please? And
> how can fix this? Thanks a lot.
> 
> 
> 
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Platinum - Watch CBS' NCAA March Madness,
> live on your desktop!


__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!

Re: Correction - How to configure Tomcat to accept certificates from certain CA's?

Posted by Mark Liu <ma...@yahoo.com>.
Hi, Klute,
Thank you for your reply.  But I do not quite understand this.  Does this cacert keystore have anything to do with my Tomcat Web server?
I followed the Tomcat SSL-How-To documentation and managed to run Tomcat in SSL mode successfully.  Thus the certificate Tomcat uses is in the keystore (.keystore) in my home directory under the Win2K system.
Please tell me if the J2SDK_HOME\jre\lib\security\cacerts have anything to do with my Tomcat Web server.  Thanks a lot.
Regards,
Mark
 klute <so...@yahoo.com> wrote:Correction - I realized that I gave you the wrong path
before. The "cacerts" keystore is located at: 

/jre/lib/security

you will need to use the keytool that came with your
jdk to import the CA cert into this cacerts. while
importing you need to use a switch -storetype trusted
(i believe)

hope this helps,
james

--- Mark Liu wrote:
> 
> I am trying to do mutual SSL authentication via
> certificates. 
> 
> I have installed both my personal and the CA's
> certificates in my IE browser. 
> 
> When I visit my Web server which requires client
> authentication via HTTPS, IE certainly brings up the
> dialog box for me to choose a certificate, but it
> does not give me a list of my certificates to choose
> from!
> 
> Please click the following link to get a better
> picture of my problem.
> 
> http://www.geocities.com/markliu1989/
> 
> Do any of you know what this problem is please? And
> how can fix this? Thanks a lot.
> 
> 
> 
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Platinum - Watch CBS' NCAA March Madness,
> live on your desktop!


__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!