The problem appears to be that no client certificate is presented by
your client. Do you get prompted by your browser to specify a client
certificate?
Browsers may be configured not to prompt for a certificate in any or all
of the following cases:
- No client certs have been imported into the
By right the client should not be asked to present a
cert because my server.xml setting is set to
clientAuth=false
--- Mark Thomas [EMAIL PROTECTED] wrote:
The problem appears to be that no client certificate
is presented by
your client. Do you get prompted by your browser to
specify a
From the Tomcat documentation:
quote
clientAuth
Set to true if you want the SSL stack to require a valid certificate
chain from the client before accepting a connection. A false value
(which is the default) will not require a certificate chain unless the
client requests a resource protected by
I tried setting it to true and it still does not work.
--- Mark Thomas [EMAIL PROTECTED] wrote:
From the Tomcat documentation:
quote
clientAuth
Set to true if you want the SSL stack to require a
valid certificate
chain from the client before accepting a connection.
A false value
If you don't want the clients to have to provide a client certificate,
don't specify CLIENT-CERT in your web.xml
Mark
[EMAIL PROTECTED] wrote:
I tried setting it to true and it still does not work.
--- Mark Thomas [EMAIL PROTECTED] wrote:
From the Tomcat documentation:
quote
clientAuth
Set to
Hey it works! Thank you for enlightening me. But i
would like to know why it works. If you can point me
to some resources to explain this.
I think in order for the client server to communicate
over SSL the crucial setting is
transport-guaranteeINTEGRAL/transport-guarantee
NONE will mean no SSL.
The resource you are looking for is the relevant servlet specification.
See http://java.sun.com/products/servlet/reference/api/index.html
The spec is *required* reading for anyone developing with servlets.
Be aware that INTEGRAL does not require the data to be encrypted, only
that the integrity
You can check whether the keystore is properly created using the
following command
keytool -list -alias tomcat
rgds
Antony Paul
On 22 Feb 2005 12:24:05 +0600, Thavarajah Kurinchikumaran
[EMAIL PROTECTED] wrote:
Hi all,
I am using tomcat as my local server.
I removed some keystore files
Hi.
Thanks.
Just cannot seem to see that attribute in the docs? Maybe I am just blind!
:)
Carl
-Original Message-
From: Bill Barker [mailto:[EMAIL PROTECTED]
Sent: Saturday, November 20, 2004 9:42 PM
To: [EMAIL PROTECTED]
Subject: Re: Problem with ssl
Carl Olivier [EMAIL
: Saturday, November 20, 2004 4:42 AM
To: [EMAIL PROTECTED]
Subject: Re: Problem with ssl
[EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I'm using ssl with tomcat 5.0.28
I use a keystore that contains several certificates How can I tell
tomcat which one to use for SSL transaction
You can config SSL with Tomcat5.0.28 by read these:
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
On Fri, 19 Nov 2004 15:52:58 +0100, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
I'm using ssl with tomcat 5.0.28
I use a keystore that contains several certificates
How can I tell
[EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I'm using ssl with tomcat 5.0.28
I use a keystore that contains several certificates
How can I tell tomcat which one to use for SSL transaction ?
Is there a parameter like alias ?
The correct attribute is 'keyAlias' to specify which
Greetings.
Where is this specified? In which element?
Thanks!
Carl
-Original Message-
From: Bill Barker [mailto:[EMAIL PROTECTED]
Sent: Saturday, November 20, 2004 4:42 AM
To: [EMAIL PROTECTED]
Subject: Re: Problem with ssl
[EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED
Mousami:
I have a similar issue before. What I did to resolve it was go through the
DOS command prompt and rename mousami.keystore to just .keystore
(Windows Explorer can't do it)
I am not sure as to why it wouldn't take the full file name but the
.keystore worked for me.
Good luck!
Azam Khan
.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on port 8443
[EMAIL PROTECTED]
10/27/2004 01:39 PM
Please respond to
Tomcat Users List [EMAIL PROTECTED]
To
[EMAIL PROTECTED]
cc
Subject
RE: Problem Enabling SSL in Tomcat 4.1.27
Mousami:
I have a similar issue before. What I did to resolve
clientAuth=false protocol=TLS
keystoreFile=webapps/ROOT/WEB-INF/keystore/.keystore /
/Connector
Azam Khan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 27, 2004 2:01 PM
To: Tomcat Users List
Subject: RE: Problem Enabling SSL in Tomcat
Sorry I meant try changing your path to FORWARD slashes
Azam Khan
-Original Message-
From: Khan, Azam
Sent: Wednesday, October 27, 2004 2:13 PM
To: [EMAIL PROTECTED]
Subject: RE: Problem Enabling SSL in Tomcat 4.1.27
Mousami:
There are two other differences I see between my
PROTECTED]
cc
Subject
RE: Problem Enabling SSL in Tomcat 4.1.27
Mousami:
There are two other differences I see between my configuration and yours..
1) my Factory classname is
org.apache.coyote.tomcat4.CoyoteServerSocketFactory not
org.apache.catalina.net.SSLServerSocketFactory
2) my keystoreFile
List
Subject: RE: Problem Enabling SSL in Tomcat 4.1.27
It Works :)) thanks a ton Azam,
changing the path and the className did the trick.
My SSL Connector now looks like this.
!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --
Connector className=org.apache.coyote.tomcat4
Hi all,
Can somebody help me in solving this?
Regards
Binoy
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: 05 August 2004 16:06
To: [EMAIL PROTECTED]
Subject: RE: Problem with SSL configuration
Hi,
This is how my server.xml looks like
Connector
On 8/6/2004 1:05 AM, [EMAIL PROTECTED] wrote:
Connector port=8443
maxThreads=150 minSpareThreads=25
maxSpareThreads=75
enableLookups=false disableUploadTimeout=true
acceptCount=100 debug=0 scheme=https secure=true
Factory
Yes I tried that, still I get the same error.
Binoy
-Original Message-
From: Dennis Dai [mailto:[EMAIL PROTECTED]
Sent: 06 August 2004 09:12
To: Tomcat Users List
Subject: Re: Problem with SSL configuration
On 8/6/2004 1:05 AM, [EMAIL PROTECTED] wrote:
Connector port=8443
On Thu, Aug 05, 2004 at 09:26:55AM -0400, Shapira, Yoav wrote:
: You don't have to quote the whole stack trace ;)
I dunno. I'd prefer people include the entire thing (up to the
RootCause, at least)... just not in-line. ;)
It's like lab reports in the days before word processing was cheap:
Hi,
You don't have to quote the whole stack trace ;) Can you post your
server.xml, as some attribute type is incorrect apparently? ;)
Yoav Shapira
Millennium Research Informatics
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 05, 2004 9:25
=org.apache.coyote.tomcat5.CoyoteConnector
clientAuth=false sslProtocol=TLS
keystorePass = binoy/
/Connector
Binoy
-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]
Sent: 05 August 2004 14:27
To: Tomcat Users List
Subject: RE: Problem with SSL
I haven't got a clue what the bug is, but it looks like it is in your
webapp. The error you are seeing is from a request that your 'mergeUrl'
servlet is making to some external server. Since it is clearly making an
http request (not an https request), I'd guess that that is your problem :).
26 matches
Mail list logo
