Hi, is there a way to configure the APR connector in a way that it requests a client certificate only if the client accesses a resource that is protected by a security constraint?
This works with a Java connector if I specify the option clientAuth=false. The client certificate is not requested from the browser unless I try to access a protected resource. However, with the APR connector, if I set SSLVerifyClient=none for the APR connector, a client certificate is never requested from the browser, and an attempt to access a protected resource returns an error. If I set SSLVerifyClient=optional, I am forced to send my certificate already when the connection is established, even if I only access resources that are not protected by a security constraint. Regards, Matthias --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
