Hi
I have followed all the instructions on this discussion, and i´m still
getting the error:
HTTP Status 400 - No client certificate chain in this request
Does the user cert that i´m using need to be trusted by cert of tomcat sever?
I´m using Apache Tomcat/5.5.15, on Win Xp Pro SP2
I have
Ok, I just submitted the bugs #38553 and #38555 for both issues. If
you need more information, please let me know via bugzilla.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Markus wrote:
Ok, I just submitted the bugs #38553 and #38555 for both issues. If
you need more information, please let me know via bugzilla.
5.5.x CLIENT-CERT shoudl work with all realms. 5.0.x - don't hold your
breath.
Mark
Mark:
Thank you for your link to the archive. It was my fault using the
UserDatabase realm
instead of the MemoryRealm. I'm, using tomcat 5.0.28 - is it still the
case in 5.5.x
that you MUST use the MemoryRealm for clientcert authentication?
Anyway, there is still an issue when trying to access a
Markus wrote:
Mark:
Thank you for your link to the archive. It was my fault using the
UserDatabase realm
instead of the MemoryRealm. I'm, using tomcat 5.0.28 - is it still the
case in 5.5.x
that you MUST use the MemoryRealm for clientcert authentication?
All realms should work with
Markus a écrit :
Ok, when I set clientAuth to want the Exception getting SSL Cert
goes away. (Wtf is this documented?).
Yes it is documented:
http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html
Section 'Edit the Tomcat Configuration File'
But I still get the 403 - Access
denied error.
Ok, when I set clientAuth to want the Exception getting SSL Cert
goes away. (Wtf is this documented?). But I still get the 403 - Access
denied error.
Here is how I added the users certificate to my realm:
web.xml:
security-constraint
web-resource-collection
Setting clientAuth to true / false in the Connector configuration
works fine, but how do I configure client authenticaton on a
per-directory or even per-servlet basis?
This is my current configuration:
In server.xml:
Connector port=8443
maxThreads=150 minSpareThreads=25
: Wednesday, February 01, 2006 9:22 AM
To: Tomcat Users List
Subject: Re: Tomcat and client certificates
Setting clientAuth to true / false in the Connector configuration
works fine, but how do I configure client authenticaton on a
per-directory or even per-servlet basis?
This is my current configuration
Creating client certs is no problem, I already had client
authentication working on the Connector-Level.
Nick:
In other words: it is NOT possible in tomcat to have a webapp with
BOTH, a private part with ssl AND client authentication and a public
part with ssl but WITHOUT client authentication?
Hi
Yes, it is possible. From connector configuration doc:
clientAuth:
Set this value to true if you want Tomcat to require all SSL clients to
present a client Certificate in order to use this socket.
Set this value to want if you want Tomcat to request a client Certificate,
but not fail
Markus wrote:
Setting clientAuth to true / false in the Connector configuration
works fine, but how do I configure client authenticaton on a
per-directory or even per-servlet basis?
snip/
And here are the results I get:
https://domain/anypage : OK
https://domain/html/anypage : HTTP
From: Tom Bednarz [mailto:[EMAIL PROTECTED]
Subject: Tomcat and client certificates
If that is not possible, I need two servers, each running
an instance of Tomcat with different server.xml settings.
I haven't tried it, but I would think all you need is two sets of
Connector tags, not two
13 matches
Mail list logo