Hello
I've configured Tomcat SSL Client Authentication with these settings :
web.xml
...
security-constraint
web-resource-collection
web-resource-nameEntire Application/web-resource-name
url-pattern/*/url-pattern
http-methodGET/http-method
http-methodPOST/http-method
/web-resource
Hi,
I believe that the clientAuth needs to be set to true in the
server.xml.
Jim
lercoli wrote:
Hello
I've configured Tomcat SSL Client Authentication with these settings :
web.xml
...
security-constraint
web-resource-collection
web-resource-nameEntire Application/web
Client Authentication
Hi,
I believe that the clientAuth needs to be set to true in the
server.xml.
Jim
lercoli wrote:
Hello
I've configured Tomcat SSL Client Authentication with these settings :
web.xml
...
security-constraint
web-resource-collection
web
.
- Original Message -
From: ohaya [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Sent: Wednesday, April 27, 2005 12:49 PM
Subject: Re: Tomcat SSL Client Authentication
Hi,
I believe that the clientAuth needs to be set to true in the
server.xml.
Jim
with clientAuth = true but server
certificate window doesn't
appear and I get page not found error.
- Original Message -
From: ohaya [EMAIL PROTECTED]
To: Tomcat Users List
tomcat-user@jakarta.apache.org
Sent: Wednesday, April 27, 2005 12:49 PM
Subject: Re: Tomcat SSL Client Authentication
certificate
(while instead appears with clientAuth = false).
- Original Message -
From: Darryl Wilburn [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Sent: Wednesday, April 27, 2005 3:55 PM
Subject: Re: Tomcat SSL Client Authentication
What version of TC? I've read
]
Asunto: Re: Tomcat SSL client authentication problem with Internet
Explore
I'm guessing that you didn't install your CA's cert in MSIE's root
certificates. Since Tomcat will ask for certs signed by your CA, if MSIE
can't find any (that it can verify the chain with), you get an empty box.
Ratón
Hi!
I have a problem with Tomcat 4.0.6 and SSL client authentication. When I use the
Internet Explorer browser (v6.0) and I try to access the secure URL (for example
https://whatever:8043), an empty list of certificates is presented. However, if I use
Mozilla 1.4 or Netscape 4.76, the client
I'm guessing that you didn't install your CA's cert in MSIE's root
certificates. Since Tomcat will ask for certs signed by your CA, if MSIE
can't find any (that it can verify the chain with), you get an empty box.
Ratón Lacarcel, Antonio [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hi Bill,
Thanks for answering.
I did solve the problem.
My client certificate is not self-signed (as I pointed out in 2.-4.).
So I have a certificate signed by my CA.
The problem was solved by setting CATALINA_OPTS system variable before
starting Tomcat:
set
But (as I pointed out in 3.,4. and 6) I have client cert and CA cert.
The latter I imported to the cacert.
I tried to do the same without Tomact but with very simple HTTP(s)
server and got the same result. So I suggest that I did something
wrong with creating/importing certs.
But what's wrong?
From your 1., your client cert is self-signed, not signed by your CA cert.
Since this amounts to telling the server I am Dmitry, because I said so,
it's a security-risk to accept self-signed client certs, so most HTTPS
servers won't accept them. (Of course, it is also the same security-risk to
You can't generally use a self-signed client cert with JSSE (you can
configure PureTLS to accept it, but another bug means that you'd have to
wait for 4.1.26). The work-around is way too much trouble for the sysadmin,
and I don't feel like being an enabler for a true hideous design. So,
you'll
Hello all,
I'm
Best regards,
Dmitry.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hello all,
Sorry for the previous e-mail. %)
This theme was discussed about month ago. I tried to use what I've
found but I'm still having a problem...
I'm trying to do SSL client authentication with Tomcat 4.1.18 (clientAuth=true).
1. I've generated a client certificate using keytool:
15 matches
Mail list logo