pass through certificates

[Ron Lin <ro...@probaris.com>]

I need to pass a Client Cert through Tomcat 4.0, but the problem is that I
want to use self-signed certificates, and if the clientAuth flag in the SSL
Connector is set to true, it appears to require a valid CA-signed cert.

is there any way to do something similar to Apache, to just have client auth
become OPTIONAL so that self-signed certs could be validly used?

is there something i can do in the web.xml file to configure Tomcat to
request the client cert without imposing any restrictions?

also, the CertificatesValve seems promising... coudl i modify it to achieve
my ends?

thanks,
Ron