Hello,
What a relief!!
And I've seen that the patch for this bug is a one-liner... I will try
to backport it to the stock 4.1.24 we were willing to use.
Do you have an idea of the approx. release date for 4.1.25?
Thank you very much for your help.
Antonio Fiol
Bill Barker wrote:
It's a known problem. See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790 for more details. It is fixed in the CVS, and so will work in 4.1.25.
Antonio Fiol Bonnín [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]
Hello,
I have been struggling with a strange problem:
Using Apache Web server (1.3.23 - 1.3.26, not tested others).
Using mod_jk (EAPI version, recent download).
On a Linux machine.
Using tomcat 4.1.24
Both on solaris and on Linux.
When Apache is configured with
SSLClientVerify optional
or
SSLClientVerify require
Mod_jk is correctly configured (see why I say that later).
Tomcat is configured with an AJP13 context, and responding well.
PROBLEM: Client certificate cannot be obtained from the application.
PROBLEM: In fact, there is an IOException *before* calling the servlet.
PROBLEM: When tomcat is reconstructing the certificate. I get:
Insufficient data ...or...
too big
WORKAROUND: I found that the same configuration on Tomcat 4.1.9 is
working perfectly.
I have been studying the differences between 4.1.9 and 4.1.24 and I have
seen that certificate handling is done in very different places in the
code (it has moved).
Does anybody have an idea of what can have broken this?
I am willing to submit a patch and/or do more investigation, so that
this problem id fixed on 4.1.25 when it comes out.
Yours sincerely,
Antonio Fiol
smime.p7s
Description: S/MIME Cryptographic Signature
