FYI, a Linux RPM of ssldump is available at : http://ftp.falsehope.com/home/gomez/ssldump/
Regards :) - Henri Gomez ___[_]____ EMAIL : [EMAIL PROTECTED] (. .) PGP KEY : 697ECEDD ...oOOo..(_)..oOOo... PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6 >-----Original Message----- >From: Eric Rescorla [mailto:[EMAIL PROTECTED]] >Sent: Friday, November 16, 2001 10:53 PM >To: Tomcat Developers List >Subject: Re: Error: null cert chain > > >Hai Wang <[EMAIL PROTECTED]> writes: >> I am working on SSL communication now, I have set up Tomcat to >> support SSL, but I got an error when I tried to make a connection to >> Tomcat-SSL server. My procedures are as follows: (by the way >my server >> and client are sitting in the same Linux PC (Lisbon)) >> >> >> 1. create the key pair for server and client >> 2. request the certificates from thawte from both of them >> 3. import the reply certifcates to server and client keystores >> 4 export the server and client certficates and import >them as the >> >> trusted certficates >> >> Detailed procedures, please see the end of the mail >> >> when I desable clientAuth, everything is fine, but when I turn on the >> clientAuth, the following erros come up. >Let's start by finding out whether the client is actually performing >client auth. Can you get an ssldump trace of the connection? >(you can get ssldump from http://www.rtfm.com/ssldump). You'll >want to use the -A and -N flags. > >Once we know what's happening we can try to figure out why. > >-Ekr > >-- >[Eric Rescorla [EMAIL PROTECTED]] >Author of "SSL and TLS: Designing and Building Secure Systems" > http://www.rtfm.com/ > > >-- >To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>