You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/08/01 00:50:02 UTC
DO NOT REPLY [Bug 11352] New: -
clientauth="false" equivalent to clientauth="true"
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11352>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11352
clientauth="false" equivalent to clientauth="true"
Summary: clientauth="false" equivalent to clientauth="true"
Product: Tomcat 3
Version: 3.3.1 Final
Platform: PC
OS/Version: Linux
Status: NEW
Severity: Normal
Priority: Other
Component: Auth
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: habecker@zentek.com
Environment:
J2SDK1.4, Red Hat Linux 7.3, using Tomcat as the web server (no other web server
on the machine). Used both Netscape Communicator 4.79 and Mozilla 0.9.9 with
same results.
As per jakarta-tomcat-3.3.1/doc/tomcat-ssl-howto.html, I wrote this entry in
server.xml and then restarted Tomcat:
<Http10Connector port="8443"
secure="true"
keystore="/home/davpfg2/jakarta-tomcat-3.3.1/JSSEkeystore"
keypass="keypass"
clientauth="false"
SSLImplementation="org.apache.tomcat.util.net.JSSEImplementation" />
When I opened https://localhost:8443/index.html in my Netscape browser, I
received several certificate dialogs (as expected, and which demonstrate that
Tomcat successfully found the keystore) and then I received an error message
that stated that localhost had requested client authorization but that I did not
have a personal certificate. For what it's worth, Tomcat also complained about
the missing client certificate:
Using classpath: /home/davpfg2/jakarta-tomcat-3.3.1/bin/../lib/tomcat.jar
Using JAVA_HOME: /usr/java/j2sdk1.4.0_01
Using TOMCAT_HOME: /home/davpfg2/jakarta-tomcat-3.3.1
2002-07-30 20:45:29 - SessionIdGenerator: Opening /dev/urandom
2002-07-30 20:45:29 - ServerXmlReader: Config=$TOMCAT_HOME/conf/server.xml
2002-07-30 20:45:29 - PathSetter: home=/home/davpfg2/jakarta-tomcat-3.3.1
2002-07-30 20:45:29 - ContextXmlReader: Context
config=$TOMCAT_HOME/conf/apps-127.0.0.1.xml
2002-07-30 20:45:29 - ContextXmlReader: Context
config=$TOMCAT_HOME/conf/apps-admin.xml
2002-07-30 20:45:29 - ContextXmlReader: Context
config=$TOMCAT_HOME/conf/apps-examples.xml
2002-07-30 20:45:29 - AutoWebApp: Loaded from config: DEFAULT:/admin
2002-07-30 20:45:29 - AutoWebApp: Auto-Adding DEFAULT:/
2002-07-30 20:45:29 - AutoWebApp: Loaded from config: DEFAULT:/examples
2002-07-30 20:45:29 - AutoWebApp: Auto-Adding DEFAULT:/soap
2002-07-30 20:45:29 - ContextManager: Tomcat configured and in stable state
2002-07-30 20:45:29 - ContextManager: Adding DEFAULT:/admin
2002-07-30 20:45:29 - ContextManager: Adding DEFAULT:/examples
2002-07-30 20:45:29 - ContextManager: Adding DEFAULT:/ROOT
2002-07-30 20:45:29 - ContextManager: Adding DEFAULT:/soap
EmbededTomcat: Init time 1603
2002-07-30 20:45:30 - Http10Interceptor: Starting on 8080
2002-07-30 20:45:30 - Http10Interceptor: Starting on 8443
2002-07-30 20:45:30 - Ajp12Interceptor: Starting on 8007
2002-07-30 20:45:30 - Ajp13Interceptor: Starting on 8009
EmbededTomcat: Startup time 680
PoolTcpEndpoint: Handshake failed
javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException:
handshake alert: no_certificate
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at java.io.OutputStream.write(OutputStream.java:58)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
at
org.apache.tomcat.util.net.JSSESocketFactory.handshake(JSSESocketFactory.java:270)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:479)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:516)
at java.lang.Thread.run(Thread.java:536)
ThreadPool: Caught exception executing
org.apache.tomcat.util.net.TcpWorkerThread@f4f44a, terminating thread
java.lang.NullPointerException
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:498)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:516)
at java.lang.Thread.run(Thread.java:536)
Stop reaper
SUPER org.apache.tomcat.util.qlog.LogDaemon@4c4975 Exiting
ContextManager: Exiting
Workaround:
I double-checked the manual and found that the default is clientauth="false", so
I simply removed the clientauth line from server.xml and restarted Tomcat. When
I tried the URL again, my browser successfully displayed index.html.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>