DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11352>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11352

clientauth="false" equivalent to clientauth="true"

           Summary: clientauth="false" equivalent to clientauth="true"
           Product: Tomcat 3
           Version: 3.3.1 Final
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Auth
        AssignedTo: [EMAIL PROTECTED]
        ReportedBy: [EMAIL PROTECTED]

Environment: J2SDK1.4, Red Hat Linux 7.3, using Tomcat as the web server (no other web server on the machine). Used both Netscape Communicator 4.79 and Mozilla 0.9.9 with same results.

As per jakarta-tomcat-3.3.1/doc/tomcat-ssl-howto.html, I wrote this entry in server.xml and then restarted Tomcat:

    <Http10Connector
        port="8443"
        secure="true"
        keystore="/home/davpfg2/jakarta-tomcat-3.3.1/JSSEkeystore"
        keypass="keypass"
        clientauth="false"
        SSLImplementation="org.apache.tomcat.util.net.JSSEImplementation" />

When I opened https://localhost:8443/index.html in my Netscape browser, I received several certificate dialogs (as expected, and which demonstrate that Tomcat successfully found the keystore) and then I received an error message that stated that localhost had requested client authorization but that I did not have a personal certificate.

For what it's worth, Tomcat also complained about the missing client certificate:

    Using classpath: /home/davpfg2/jakarta-tomcat-3.3.1/bin/../lib/tomcat.jar
    Using JAVA_HOME: /usr/java/j2sdk1.4.0_01
    Using TOMCAT_HOME: /home/davpfg2/jakarta-tomcat-3.3.1
    2002-07-30 20:45:29 - SessionIdGenerator: Opening /dev/urandom
    2002-07-30 20:45:29 - ServerXmlReader: Config=$TOMCAT_HOME/conf/server.xml
    2002-07-30 20:45:29 - PathSetter: home=/home/davpfg2/jakarta-tomcat-3.3.1
    2002-07-30 20:45:29 - ContextXmlReader: Context config=$TOMCAT_HOME/conf/apps-127.0.0.1.xml
    2002-07-30 20:45:29 - ContextXmlReader: Context config=$TOMCAT_HOME/conf/apps-admin.xml
    2002-07-30 20:45:29 - ContextXmlReader: Context config=$TOMCAT_HOME/conf/apps-examples.xml
    2002-07-30 20:45:29 - AutoWebApp: Loaded from config: DEFAULT:/admin
    2002-07-30 20:45:29 - AutoWebApp: Auto-Adding DEFAULT:/
    2002-07-30 20:45:29 - AutoWebApp: Loaded from config: DEFAULT:/examples
    2002-07-30 20:45:29 - AutoWebApp: Auto-Adding DEFAULT:/soap
    2002-07-30 20:45:29 - ContextManager: Tomcat configured and in stable state
    2002-07-30 20:45:29 - ContextManager: Adding DEFAULT:/admin
    2002-07-30 20:45:29 - ContextManager: Adding DEFAULT:/examples
    2002-07-30 20:45:29 - ContextManager: Adding DEFAULT:/ROOT
    2002-07-30 20:45:29 - ContextManager: Adding DEFAULT:/soap
    EmbededTomcat: Init time 1603
    2002-07-30 20:45:30 - Http10Interceptor: Starting on 8080
    2002-07-30 20:45:30 - Http10Interceptor: Starting on 8443
    2002-07-30 20:45:30 - Ajp12Interceptor: Starting on 8007
    2002-07-30 20:45:30 - Ajp13Interceptor: Starting on 8009
    EmbededTomcat: Startup time 680
    PoolTcpEndpoint: Handshake failed
    javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: handshake alert: no_certificate
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
        at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
        at java.io.OutputStream.write(OutputStream.java:58)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
        at org.apache.tomcat.util.net.JSSESocketFactory.handshake(JSSESocketFactory.java:270)
        at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:479)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:516)
        at java.lang.Thread.run(Thread.java:536)
    ThreadPool: Caught exception executing org.apache.tomcat.util.net.TcpWorkerThread@f4f44a, terminating thread
    java.lang.NullPointerException
        at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:498)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:516)
        at java.lang.Thread.run(Thread.java:536)
    Stop reaper SUPER org.apache.tomcat.util.qlog.LogDaemon@4c4975 Exiting ContextManager: Exiting

Workaround: I double-checked the manual and found that the default is clientauth="false", so I simply removed the clientauth line from server.xml and restarted Tomcat. When I tried the URL again, my browser successfully displayed index.html.
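
An added example, not part of the original report and not Tomcat code: a Python check for the mismatch described above, where a secure connector's configuration does not ask for client certificates but the log records no_certificate handshake failures. The wrapper element, keystore placeholder, log excerpt and function names are constructed for illustration; the default of clientauth="false" is taken from the report.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the reported connector inside a minimal wrapper element.
SERVER_XML = """<Server>
  <Http10Connector port="8080" />
  <Http10Connector port="8443" secure="true"
      keystore="/path/to/keystore" keypass="PLACEHOLDER"
      clientauth="false"
      SSLImplementation="org.apache.tomcat.util.net.JSSEImplementation" />
</Server>"""

# Constructed log excerpt modelled on the lines quoted in the report.
LOG = """2002-07-30 20:45:30 - Http10Interceptor: Starting on 8443
PoolTcpEndpoint: Handshake failed
javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: handshake alert: no_certificate
"""

def secure_connectors(xml_text):
    """Map port -> clientauth value (None if absent) for secure connectors."""
    found = {}
    for el in ET.fromstring(xml_text).iter():
        attrs = {k.lower(): v for k, v in el.attrib.items()}
        if el.tag.endswith("Connector") and attrs.get("secure", "").lower() == "true":
            found[attrs.get("port")] = attrs.get("clientauth")
    return found

def no_certificate_failures(log_text):
    """Count handshakes that failed because the client had no certificate to send."""
    pattern = r"SSLHandshakeException:.*handshake alert:\s*no_certificate"
    return len(re.findall(pattern, log_text))

def audit(xml_text, log_text):
    """Return (port, clientauth, failures) where config and observed behaviour disagree.

    The log does not name the port of a failed handshake, so with several
    secure connectors every one that should not request a certificate is listed.
    """
    failures = no_certificate_failures(log_text)
    findings = []
    for port, setting in secure_connectors(xml_text).items():
        wants_cert = (setting or "false").lower() == "true"  # default per the report
        if failures and not wants_cert:
            findings.append((port, setting, failures))
    return findings

if __name__ == "__main__":
    for port, setting, count in audit(SERVER_XML, LOG):
        print(f"port {port}: clientauth={setting!r} but {count} no_certificate failure(s) logged")
```
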