Hi All,
I'm using client authenticate for my website (Tomcat 5.0.28) and everything
works great. However, I had an idea for something I wanted to try, and I
need to know if its possible.
Would I be able to prompt for client certificates ONLY if a certain request
parameter was present (and
with the certificate/private key of the web server
and the CA certificate.
The client authentication only works if I add the CA certificate into the
$JAVA_HOME/jre/lib/security/cacerts. If the Tomcat keystore contains the CA
certificate but not the JDK keystore... the client authentication fails
Manuel Gil Perez wrote:
The client authentication only works if I add the CA certificate into
the $JAVA_HOME/jre/lib/security/cacerts. If the Tomcat keystore contains
the CA certificate but not the JDK keystore... the client authentication
fails.
AFAIK this can't be done without some custom
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark Thomas wrote:
Paul Puschmann wrote:
we'd like to use our Tomcat with ssl and client certificates.
Does anybody know if the user information (of the user-certificate) can
be used to authenticate?
Tomcat is 5.5.7
CLIENT-CERT
Paul Puschmann wrote:
That is fine, but how can I use the CLIENT-CERT information in my
applications?
The certificate is exposed as a servlet attribute. You need to read
section SRV.4.7 of the servlet specification and if you search the
specification for certificate you will find some useful
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
we'd like to use our Tomcat with ssl and client certificates.
Does anybody know if the user information (of the user-certificate) can
be used to authenticate?
Tomcat is 5.5.7
Paul
- --
Linux-User #271918 with the Linux Counter,
Paul,
CLIENT-CERT authentication is supported.
Mark
Paul Puschmann wrote:
we'd like to use our Tomcat with ssl and client certificates.
Does anybody know if the user information (of the user-certificate) can
be used to authenticate?
Tomcat is 5.5.7
In Tomcat 5.0.x Is it possible to for a servlet to get a client's
certificate without forcing the whole server to use client
authentication?
in server.xml:
clientAuth=true - stops everyone accessing via https
clientAuth=want - secure servlet displays no content
clientAuth=false
).
- Client authentication is part of SSL. It is during the SSL hand-shake
that the server will request the client certificate. So the short
answer would be: NO you can not implement this without SSL.
- The CA the server requires for the client certificates can be
completely unrelated
Thank you ever so much. The certificates will be for a subset of my clients
and so I am not that worried. I really appreciate your help.
-Original Message-
From: Mark Thomas [mailto:[EMAIL PROTECTED]
Sent: 23 May 2005 23:13
To: Tomcat Users List
Subject: Re: Client Authentication
Thanks Philip.. ever so much help. I really appreciate this!
-Original Message-
From: Philippe Johan [mailto:[EMAIL PROTECTED]
Sent: 24 May 2005 08:55
To: tomcat-user@jakarta.apache.org
Subject: RE: Client Authentication certificates
Hi Mark,
To answer your questions:
- You can
Morning all..
I have a web app and for certain areas of the site I wish to restrict access
to a Client Authentication certificate. I want to generate a root
Certificate for my company domain and then sub domains for a variety of
customers. Then I wish to be able to generate certificates
Authentication certificates
Morning all..
I have a web app and for certain areas of the site I wish to restrict access
to a Client Authentication certificate. I want to generate a root
Certificate for my company domain and then sub domains for a variety of
customers. Then I wish to be able
to a Client Authentication certificate. I want to generate a root
Certificate for my company domain and then sub domains for a variety of
customers. Then I wish to be able to generate certificates for certain users
within these sub domains.
My questions are:
Can I build a root certificate
you get) is the verification of the entity that posses the
private key associated with the certificate.
Can I implement the Client Authentication on a server which does not have
SSL implemented?
No. SSl is a pre-reqisite for CLIENT-CERT authentication
Can I implement the Client Authentication
and client.p12 to the clients machine.
In your server.xml file enable client authentication by changing
clientauth=true and that's it.
Regards Thanks
Mahesh S Kudva
-Original Message-
From: Mahesh S Kudva [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Hi All
Ho do i go about with clien Authentication
Regards Thanks
Mahesh S Kudva
-Original Message-
From: Mahesh S Kudva [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Date: Tue, 10 May 2005 20:51:08 +0530
Subject: Re: Client Authentication
Hi
windows alowys pop's up
Regards Thanks
Mahesh S Kudva
-Original Message-
From: Mark Thomas [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Date: Tue, 03 May 2005 23:00:57 +0100
Subject: Re: Client Authentication
The CN for your server cert
-
From: Mahesh S Kudva [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Date: Mon, 02 May 2005 23:04:50 +0530
Subject: Re: Client Authentication
Hi
I tried with client.p12 first, when i failed I went on with
client_cert.x509. I placed it in the personal folder
@jakarta.apache.org
Sent: Tuesday, May 03, 2005 1:41 PM
Subject: Re: Client Authentication
Hi
What kind of information do i need to put in the fields of First and Last
name and Common name. Will any information do or is it required that I
need to put in the server address in the client.p12 certificate
+0200
Subject: Re: Client Authentication
CA and Tomcat common name should be the same (localhost or better your
DNS).
First and Last Name of client sould the name of a Tomcat user declared
in
tomcat-users.xml.
Luca Ercoli
- Original Message -
From: Mahesh S Kudva [EMAIL
PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Date: Tue, 3 May 2005 14:33:46 +0200
Subject: Re: Client Authentication
CA and Tomcat common name should be the same (localhost or better your
DNS).
First and Last Name of client sould the name of a Tomcat user declared
in
tomcat-users.xml
Dear All
I've been able to setup Tomcat 5.0.30 successfully on port 8443. I want to
use client authentication. Hence i've enabled clientAuth=true in
server.xml
Running on Mac OS X these were the commands to create a CA and sign a
certificate using this CA.
Creating a new CA:
1) perl CA.pl
02, 2005 5:08 PM
Subject: Client Authentication
Dear All
I've been able to setup Tomcat 5.0.30 successfully on port 8443. I want to
use client authentication. Hence i've enabled clientAuth=true in
server.xml
Running on Mac OS X these were the commands to create a CA and sign a
certificate
, 2005 10:31 AM
Subject: Re: Client Authentication
You should import only client.p12 certificate in IE browser and
when IE asks you in which folder you want to put it select Personal
Folder.
I hope it helps you.
Luca Ercoli
- Original Message -
From: Mahesh S Kudva [EMAIL PROTECTED
May 2005 17:31:54 +0200
Subject: Re: Client Authentication
You should import only client.p12 certificate in IE browser and
when IE asks you in which folder you want to put it select Personal
Folder.
I hope it helps you.
Luca Ercoli
- Original Message -
From: Mahesh S Kudva
May 2005 17:31:54 +0200
Subject: Re: Client Authentication
You should import only client.p12 certificate in IE browser and
when IE asks you in which folder you want to put it select Personal
Folder.
I hope it helps you.
Luca Ercoli
- Original Message -
From: Mahesh S Kudva [EMAIL PROTECTED
Hello
I've configured Tomcat SSL Client Authentication with these settings :
web.xml
...
security-constraint
web-resource-collection
web-resource-nameEntire Application/web-resource-name
url-pattern/*/url-pattern
http-methodGET/http-method
http-methodPOST/http-method
/web-resource
Hi,
I believe that the clientAuth needs to be set to true in the
server.xml.
Jim
lercoli wrote:
Hello
I've configured Tomcat SSL Client Authentication with these settings :
web.xml
...
security-constraint
web-resource-collection
web-resource-nameEntire Application/web
Client Authentication
Hi,
I believe that the clientAuth needs to be set to true in the
server.xml.
Jim
lercoli wrote:
Hello
I've configured Tomcat SSL Client Authentication with these settings :
web.xml
...
security-constraint
web-resource-collection
web
Hi,
Sorry if that didn't help.
Here's what I have in server.xml (I don't remember if I had to change
anything outside of server.xml to enable client authentication):
!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --
Connector port=8443
className=org.apache.coyote.tomcat5
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I try to authentificate to a web App by Client.Cert.
I get these error message:
HTTP Status 401 - Cannot authenticate with the provided credentials
Here are my settings:
web.xml:
security-constraint
web-resource-collection
with clientAuth = true but server
certificate window doesn't
appear and I get page not found error.
- Original Message -
From: ohaya [EMAIL PROTECTED]
To: Tomcat Users List
tomcat-user@jakarta.apache.org
Sent: Wednesday, April 27, 2005 12:49 PM
Subject: Re: Tomcat SSL Client Authentication
certificate
(while instead appears with clientAuth = false).
- Original Message -
From: Darryl Wilburn [EMAIL PROTECTED]
To: Tomcat Users List tomcat-user@jakarta.apache.org
Sent: Wednesday, April 27, 2005 3:55 PM
Subject: Re: Tomcat SSL Client Authentication
What version of TC? I've read
Your user entry in tomcat-users.xml needs to look something like this:
user username=CN=Mark Thomas, OU=Jakarta, O=Apache, L=London, C=GB
password=null roles=tomcat,certs/
Basically, the user name needs to be the CN on the user's cert.
Mark
Markus Linnemann wrote:
-BEGIN PGP SIGNED
Hi,
The SSL client authentication doesn't work agains MemoryRealm, because the
authentication mechanism passes the DN of the client certificate to the
realm after validation for role assignement, but the memory realm don't
allow usernames that contains , or = characters. Because the DN
contains
I've never heard of being able to connect using SSL without a server
certificate. But you don't have to spend money to get one: just use a
self-signed certificate.
Onkar Singh wrote:
Hi ,
I want Client ( Web Browser) to be authenticated and not the
Server ( Web Server).
Hi ,
I want Client ( Web Browser) to be authenticated and not the
Server ( Web Server).
Is it possible to achieve or not because as far as i know JSSE
and Claymore' PureTLS (SSL implementations) both make Server
authentication
mandatory !!
Thanks
Hi!
I'm developing a java webapp
overTomcat 4.2, with client certificate authentication.
Is there any way to configure a customize error
page?
When I enter in the webapp with an appropiate
certificate, HTTPS runs fine.
And when I enter without it, ssl handshake detects
an error,
an
RTFM. web.xml has ways to do this based on the HTTP error code
yours would be the 404 HTTP error code
Luis Urueña Frías escribió:
Hi!
I'm developing a java webapp over Tomcat 4.2, with client
certificate authentication.
Is there any way to configure a customize error page?
When
Hi,
I'm looking to do the same thing as Radu Radutiu (archive here :
http://www.junlu.com/msg/94462.html)
but when i use int the httpd.conf directives like JkSet2 workerEnv sslEnable 1
nothing work and apache don't start.
Do you know how to use JkSet under apache 1.3 on Windows ?
how to passe
Message-
From: Radu Radutiu [mailto:[EMAIL PROTECTED]
Sent: Friday, July 02, 2004 7:49 AM
To: Tomcat Users List
Subject: Apache2 SSL with client authentication jk2 tomcat 5 - no user
certificate in request
Hi,
I'm running Tomcat 5 + jdk 1.4.2_02 + Apache 2.0.49 (Fedora 1) with mod_jk2.
I
Hi,
I'm running Tomcat 5 + jdk 1.4.2_02 + Apache 2.0.49 (Fedora 1) with
mod_jk2. I can access the web app through SSL (with client
authentication enabled in Apache) but the following attributes are not
set in the request: javax.servlet.request.cipher_suite,
javax.net.ssl.peer_certificates
FollowSymLinks
DirectoryIndex index.jsp
/Directory
-Original Message-
From: Radu Radutiu [mailto:[EMAIL PROTECTED]
Sent: Friday, July 02, 2004 7:49 AM
To: Tomcat Users List
Subject: Apache2 SSL with client authentication jk2 tomcat 5 - no user
certificate in request
Hi,
I'm running
I'm sorry to insist...anyone at Jakarta knows about this problem??
Gustavo Rodríguez wrote:
Hi everyone! We were working in this issue some time ago, and
reported that when using the clientAuth=want parameter, we got the
following exception:
java.net.SocketException: Socket Closed at
Hi everyone! We were working in this issue some time ago, and
reported that when using the clientAuth=want parameter, we got the
following exception:
java.net.SocketException: Socket Closed
at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:177)
We left it for some time, as
...
(client IP) - - [(Sysdate)] GET /(app. directory)/ HTTP/1.1 400 45
-Mensaje original-
De: news [mailto:[EMAIL PROTECTED] En nombre de Bill Barker
Enviado el: viernes, 05 de marzo de 2004 3:20
Para: [EMAIL PROTECTED]
Asunto: Re: Client authentication and customized error pages
Using
: HTTPS support for tomcat using openSSL with Client
Authentication
Hello Saravanan,
Have you got the answer you wanted ?
Anbu
[EMAIL PROTECTED] wrote:
Hi All,
I wanted to support SSL with Client Authentication over Tomcat 4.18.
I followed the steps mentioned in the link below, but I couldn't
Hi
I got the answer and its working too.
saravanan
-Original Message-
From: Anbu [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 18, 2004 7:17 PM
To: Tomcat Users List
Subject: RE: HTTPS support for tomcat using openSSL with Client
Authentication
First of all did u try without tomcat
-Mensaje original-
De: news [mailto:[EMAIL PROTECTED] En nombre de Bill Barker
Enviado el: viernes, 05 de marzo de 2004 3:20
Para: [EMAIL PROTECTED]
Asunto: Re: Client authentication and customized error pages
Using clientAuth=true, the error happens too early to be able to invoke
Hello Saravanan,
Have you got the answer you wanted ?
Anbu
[EMAIL PROTECTED] wrote:
Hi All,
I wanted to support SSL with Client Authentication over Tomcat 4.18.
I followed the steps mentioned in the link below, but I couldn't succeed
in getting the client authentication to work,however I
Still I am looking in to it.
If you have any idea please let me know.
Regards
saravanan
-Original Message-
From: Anbu [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 17, 2004 7:38 PM
To: Tomcat Users List
Subject: Re: HTTPS support for tomcat using openSSL with Client
Authentication
Hi All,
I wanted to support SSL with Client Authentication over Tomcat 4.18.
I followed the steps mentioned in the link below, but I couldn't succeed
in getting the client authentication to work,however I was able to get
the https working with clientAuth=false in tomcat's configuration file
Hi everyone!
I'm using SSL client authentication in a tomcat 5.0.19. Everything goes
fine, but i need some help customizing error pages.
When a client want to use my application, the browser asks him to choose
a valid certificate, but perhaps he hasn't a valid one. If he doesn't
have
the
case where there is no cert sent.
Carlos Guardiola [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hi everyone!
I'm using SSL client authentication in a tomcat 5.0.19. Everything goes
fine, but i need some help customizing error pages.
When a client want to use my application
is set up security-constraints in your web.xml for the appropriate
pages. That is documented well in the servlet spec.
Adam
On 01/28/2004 11:24 PM Milazzo, Michael A HQISEC wrote:
Hi,
I am trying to configure Tomcat to protect my pages using SSL client
authentication. I changed the clientAuth
Hi,
I am trying to configure Tomcat to protect my pages using SSL client
authentication. I changed the clientAuth option within the HTTPS connector,
but I'm not sure what to do next. My code already tries to look for the
certs and parse them, but I am not sure what else I need to configure
Hi All,
Using jboss-3.2.3-tomact 4.1.29, i've got both server and client
authentication fully working. Using the same keystore and with
clientAuth set to false, everything works fine, but when i set
clientAuth to 'true', the server fails to authenticate my client.
My connector in .../jbossweb
and client
authentication fully working. Using the same keystore and with
clientAuth set to false, everything works fine, but when i set
clientAuth to 'true', the server fails to authenticate my client.
My connector in .../jbossweb-tomcat.sar/META-INF/jboss-service.xml is...
Connector className
This is in bugzilla.
How can I resolve this problem??? Please help.
Here is an excerpt of the JSSE logs. We not only tried to authenticate
via a
browser but also via a Java client, so we possess client logs as well.
It seems as if, at some point during the handshake procedure, the
in your TrustStore.
Amjad Shahrour [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hi all,
I am trying to implement 2 way SSL ( client authentication) on tomcat 4.
I am following all steps.
But still have something missing. ( all documentations descrips how to
deal
Hi all,
I am trying to implement 2 way SSL ( client authentication) on tomcat 4.
I am following all steps.
But still have something missing. ( all documentations descrips how to
deal with certificates that are varified by CA).
I need to know how to generate a normal self-signed
Hello,
Here's the solution for some major problems, which i expirienced getting client
authentication to work. I'll post it to help people save time. It cost me more than a
week to get it working and the solution is so simple it can be done in less than half
an hour.
Problem 1 getting
Hello,
With apache client authentication was so simple. Now my boss wants to use it for
smartcard login and I have to use tomcat with cocoon. Thats why I need the client
authentication with ssl to work. But I just can't fix it can anyone please help me.
All examples wont work I always get
client authentication drives me crazy
Date: Tue, 14 Oct 2003 09:33:26 +0200
Hello,
With apache client authentication was so simple. Now my boss wants to use
it for smartcard login and I have to use tomcat with cocoon. Thats why I
need the client authentication with ssl to work. But I just can't
[EMAIL PROTECTED]
Subject: ssl client authentication drives me crazy
Date: Tue, 14 Oct 2003 09:33:26 +0200
Hello,
With apache client authentication was so simple. Now my boss wants to use
it for smartcard login and I have to use tomcat with cocoon. Thats why I
need the client authentication
Client cert verification is done against the TrustStore, not the KeyStore.
Tomcat 5 has some improvements for this. Tomcat 4 is still a bit limited.
I have no idea what is goin wrong. Can someone tell me how to make this
work?
Assuming that you don't want to just import the signing cert into
client authentication working. The problem is getting
my existing certificates working in tomcat. Is apache http server it was very easy. I
configured all the stuff in my httpd.conf.
I also tried to get tomcat working with keytool. But ther's something I do wrong. I
alwas get handshake error
please tell me how to use keytool. I've got the following
certificates:
1 server.crt = server certificate
2 ca.crt = chain certificate
3 ca-bundle.crt = lots of certificates for client authentication
4 server.key = i really don't know how to get this one in keytool
Thnx
Twan Munster
at
http://ws.apache.org/soap/docs/install/FAQ_Tomcat_SOAP_SSL.html describes.
If I disable client authentication in the tomcat config, the client is able
to comunicate with the server. If I enable the authentication the client
aborts with the following exception:
java.net.SocketException: Software
. The client is using
HTTPClient from apache. I have done everything the document at
http://ws.apache.org/soap/docs/install/FAQ_Tomcat_SOAP_SSL.html describes.
If I disable client authentication in the tomcat config, the client is
able
to comunicate with the server. If I enable the authentication
Following the advice from this link
http://books.mcgraw-hill.com/betabooks/aug02/taylor/0072225653_ch10.html
I tried to get SSL client authentication to work by setting the following
entry in tomcat-users.xml:
user username=CN=x, OU=y, O=z, L=a, S=b, C=c password= roles=user/
where x,y,z,etc
Christopher Williams [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Following the advice from this link
http://books.mcgraw-hill.com/betabooks/aug02/taylor/0072225653_ch10.html
I tried to get SSL client authentication to work by setting the following
entry in tomcat-users.xml
My setup:
Windows XP Pro
JDK 1.4.1
JWSDP 1.0
I'm hoping to get SSL client authentication working for web services. I set
up Tomcat for SSL ages ago and it works fine. However, I run into multiple
problems when I attempt to use SSL client authentication.
I have enabled client authentication
Christopher Williams [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
My setup:
Windows XP Pro
JDK 1.4.1
JWSDP 1.0
I'm hoping to get SSL client authentication working for web services. I
set
up Tomcat for SSL ages ago and it works fine. However, I run into
multiple
problems
Hello,
I've always used apache http server for client authenticatien with ssl. I've installed
Tomcat now voor mij jsp's.
But I'm not able to get the ssl client authentication working. The problem is getting
my existing certificates working in tomcat. Is apache http server it was very easy. I
the ssl client authentication working. The problem
is getting my existing certificates working in tomcat. Is apache http server
it was very easy. I configured all the stuff in my httpd.conf.
I also tried to get tomcat working with keytool. But ther's something I do
wrong. I alwas get handshake error
]
Asunto: Re: Tomcat SSL client authentication problem with Internet
Explore
I'm guessing that you didn't install your CA's cert in MSIE's root
certificates. Since Tomcat will ask for certs signed by your CA, if MSIE
can't find any (that it can verify the chain with), you get an empty box.
Ratón
My setup:
JWSDP 1.2
Windows XP Pro
JDK 1.4.2
I want to know who's accessing a certain web page after they've
authenticated to Tomcat. No problem if I use BASIC authentication.
However, when I use SSL-CLIENT authentication, calling getUserPrincipal() on
the incoming Request object returns null
Hi!
I have a problem with Tomcat 4.0.6 and SSL client authentication. When I use the
Internet Explorer browser (v6.0) and I try to access the secure URL (for example
https://whatever:8043), an empty list of certificates is presented. However, if I use
Mozilla 1.4 or Netscape 4.76, the client
]
Hi!
I have a problem with Tomcat 4.0.6 and SSL client authentication. When I use
the Internet Explorer browser (v6.0) and I try to access the secure URL (for
example https://whatever:8043), an empty list of certificates is presented.
However, if I use Mozilla 1.4 or Netscape 4.76, the client
Hi,
I'm using Tomcat 4.0.6 and configured it for client authentication. This works fine.
Then I tried to add a realm to a certain webapp in order to control access. As I have
read in several sources either the client certificates Common Name or the complete
Distinguished name are used
tried to use what I've
found but I'm still having a problem...
I'm trying to do SSL client authentication with Tomcat 4.1.18
BB (clientAuth=true).
1. I've generated a client certificate using keytool:
keytool -genkey -alias tomcat-cl -keyalg RSA -keystore
BB client.keystore
2
S.Rogulin wrote in message
BB news:[EMAIL PROTECTED]
Hello all,
Sorry for the previous e-mail. %)
This theme was discussed about month ago. I tried to use what I've
found but I'm still having a problem...
I'm trying to do SSL client authentication with Tomcat 4.1.18
BB (clientAuth=true).
1
still having a problem...
I'm trying to do SSL client authentication with Tomcat 4.1.18
BB (clientAuth=true).
1. I've generated a client certificate using keytool:
keytool -genkey -alias tomcat-cl -keyalg RSA -keystore
client.keystore
2. Then I created Certificate Signing Request
] wrote in message
news:[EMAIL PROTECTED]
Hello all,
Sorry for the previous e-mail. %)
This theme was discussed about month ago. I tried to use what I've
found but I'm still having a problem...
I'm trying to do SSL client authentication with Tomcat 4.1.18
(clientAuth=true).
1. I've generated
Hello all,
I'm
Best regards,
Dmitry.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hello all,
Sorry for the previous e-mail. %)
This theme was discussed about month ago. I tried to use what I've
found but I'm still having a problem...
I'm trying to do SSL client authentication with Tomcat 4.1.18 (clientAuth=true).
1. I've generated a client certificate using keytool
]
Sent: Wednesday, July 23, 2003 1:44 PM
To: 'Tomcat Users List'
Subject: RE: HELP! Client Authentication in Tomcat 4.1.24
This is the part you were missing. Unfortunately, the handling of Client
certs in the Jk-Coyote connector is broken in 4.1.24 (see
http://nagoya.apache.org/bugzilla
:[EMAIL PROTECTED]
Sent: Thursday, July 24, 2003 8:28 AM
To: 'Tomcat Users List'
Subject: RE: HELP! Client Authentication in Tomcat 4.1.24
That's what I thought. I'm not using Tomcat with Apache/IIS/SunONE, but
rather standalone.
You mentioned that I need to be using the MemoryRealm. I looked
the DN from the certificate and
look in the realm for a user with the corresponding DN?
Does anyone have any information or links on how to configure tomcat users
with client authentication?
Pat
***
This message is intended only
PROTECTED]
Sent: Wednesday, July 23, 2003 1:02 PM
To: '[EMAIL PROTECTED]'
Subject: HELP! Client Authentication in Tomcat 4.1.24
I am attempting to use client certificate authentication with Tomcat 4.1.24,
but each time I connect via a browser (Internet Explorer) Tomcat indicates
that it is unable
:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 1:44 PM
To: 'Tomcat Users List'
Subject: RE: HELP! Client Authentication in Tomcat 4.1.24
This is the part you were missing. Unfortunately, the handling of Client
certs in the Jk-Coyote connector is broken in 4.1.24 (see
http://nagoya.apache.org
23, 2003 1:44 PM
To: 'Tomcat Users List'
Subject: RE: HELP! Client Authentication in Tomcat 4.1.24
This is the part you were missing. Unfortunately, the handling of Client
certs in the Jk-Coyote connector is broken in 4.1.24 (see
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790
Hi
I have successfully setup Tomcat with SSL and client authentication, and I
have successfully identified myself to the web application using a browser
certificate. But when I access a port with client authentication enabled
WITHOUT sending a certificate, I receive an error from Tomcat. I would
Hello,
What a relief!!
And I've seen that the patch for this bug is a one-liner... I will try
to backport it to the stock 4.1.24 we were willing to use.
Do you have an idea of the approx. release date for 4.1.25?
Thank you very much for your help.
Antonio Fiol
Bill Barker wrote:
It's a
Hello,
I have been struggling with a strange problem:
Using Apache Web server (1.3.23 - 1.3.26, not tested others).
Using mod_jk (EAPI version, recent download).
On a Linux machine.
Using tomcat 4.1.24
Both on solaris and on Linux.
When Apache is configured with
SSLClientVerify optional
or
It's a known problem. See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790 for
more details. It is fixed in the CVS, and so will work in 4.1.25.
Antonio Fiol Bonnín [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]
Hello,
I have been struggling with a strange problem:
It works!
Thank you
- Original Message -
From: Bill Barker [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, June 07, 2003 5:33 AM
Subject: Re: SSL client authentication with tomcat 4.1.24
I believe that the Sun 1.4 JVM ships with the certs for Verisign and
Thawte
is stored on a Gemplus smartcard connected
with a USB reader all works fine if I connect to an Apache server with
mod_ssl.
- Original Message -
From: Bill Barker [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, June 07, 2003 5:33 AM
Subject: Re: SSL client authentication with tomcat
1 - 100 of 189 matches
Mail list logo