i've seen that the question i'm going to write have been posted to many mailing lists (sun, ssl, tomcat-user) but i haven't seen any useful answer (perhaps i haven't seen well).
I'm using Tomcat 4.0.3 with secure connections (ssl), if i use only the certificate for the server all things go well. When in the configuration file of tomcat i change the value of clientAuth to true, asking for the client's certificate, on the client the list of certificates is empty. On the client I'm using a pkcs#11 certificate released by a CA of an Italian Ministry (Government), on the server, i generate a self-signed certificate with keytool. I have imported the client certificate in internet explorer 6 (and also in netscape 6.2), i've imported also the certificate of the certification authorities On the server i did the same thing (keytool -import -trustcacerts -alias name -file name.cer -keystore C:\java-pgm\Tomcat4\conf\.keystore). I know that the server presents to the client a list of the certification authorities (certificates) it accepts, so for some unknown reason in this list there isn't the right certificate, even if on the server with "keytool -list" i can see that the certificates have been correctly imported. (I did the same thing many times, with other certificates, on some apache web server, that have more configurable options, i have never had problems) Can someone help me ? Thank you in advance Massimo -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>