I am testing Tomcat standalone with client authentication on, and getting some odd results. It works fine if client authentication is not turned on (for both IE and Netscape browsers). If I turn on client authentication, Netscape claims that I do not have a personal certificate, and IE asks me to choose from an empty list of certificates. If I go via Apache/SSL, and redirect to Tomcat, it works fine. Netscape lets me choose the certificate, IE shows the certificate in the list, and I can see the certificate in the SnoopServlet output. Any ideas on the problem with the certificate request when I use Tomcat standalone? Is there some configuration to indicate the type of certificate the server is requesting? I am using a self-signed certificate, generated via keytool, on the server. In the browser, I have a verisign personal certificate. Many thanks, Barbara Nelson. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]