|
Having done the following:
- configured Orion for SSL Client Authentication (as
below)
- obtained certificate from Thawte
- checked that the CA root cert (corresponding to my cert) is
in jre\lib\security\cacerts
IE5 presents me with the choice of no certificates when
accessing the secure web site. NN5 shows my list of certs, but attempted access
with the Thawte cert fails. Any ideas? Solutions or "where to look" would
help!
I had assumed that I should be able to add trusted CA certs
somewhere so that I could allow anyone with a cert from a trusted CA into the
site. Is this possible? If so, how?
Also, I don't fully understand the significance of
ssl-user-registration.jsp. Why would I want a user with a cert to register (I
trust him)? Have I missed something fundamental here?
Thanks, Mick
Here's the web-site config:
<web-site host="[ALL]" secure="true" display-name="Secure
Orion WebSite" log-request-info="true">
<default-web-app application="default" name="defaultWebApp" /> <web-app application="mdp" name="mdp-web" root="/mdp" /> <web-app application="news" name="news-web" root="/news" /> <web-app application="atm" name="atm-web" root="/atm" /> <ssl-config keystore="keystore" keystore-password="123456" needs-client-auth="true" /> <access-log format="$ip - $user - [$time] '$request' $status $size" path="../log/secure-web-access.log" /> </web-site> |
