Tomcat can't do client certificate authentication
I've been trying to do this for the last two weeks. There is no documentation on it (the SSLHowto only describes HTTPS). So I have to conclude that Tomcat can't do client certs, so we can't use it. Is this correct ? Dave -Original Message- From: [EMAIL PROTECTED] Sent: Fri 07/03/2003 20:08 To: [EMAIL PROTECTED] Cc: Subject: Can Tomcat do client certificate authentication ? Within our company we've decided to use client certificates for security. I've spent all week trying to get this working on Tomcat. If the client and server are on the same machine it's easy. But how do I do it if the client is on a different machine ? I can get SSL working on HTTPS no problem, but client certificates ? No way. If we can't find an answer we'll have to ban the use of Tomcat in our company for any serious work. Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat can't do client certificate authentication
Correct. Tomcat can't do client authentication. For this, you have to implement a Realm (JDBCRealm, JNDIRealm, etc) and you realize the authentication. See http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html - At 08:52 17/03/2003 +, you wrote: I've been trying to do this for the last two weeks. There is no documentation on it (the SSLHowto only describes HTTPS). So I have to conclude that Tomcat can't do client certs, so we can't use it. Is this correct ? Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]