Hi, I am prototyping a modification to an existing Tomcast system on Linux that will now use client certificates for authentication, but I have been having trouble getting to the pointer where connecting to the site with a web browser prompts for a certificate. I have been incrementally building up my web.xml and server.xml files, so it's possible that I missed something, though I have done my best to keep them as simple as possible.
Things appear to be working properly if I switch the auth-method field of the web.xml file from CLIENT-CERT to BASIC and set the clientAuth field in the appropriate Connector's Factory (in server.xml) to "false". I am currently using the org.apache.catalina.net.SSLServerSocketFactory class. If I went users to present a certificate, is it appropriate to have the auth-method as CLIENT-CERT and the clientAuth field as true? Or am I already hosed at that point? The behavior I am seeing is an immediate 404 error on IE6. Under Firebird I get a slightly more descriptive message -- it pops up a box that reports: "localbox has received an incorrect or unexpected message. Error Code: -12227" Is there an existing HOWTO that describes in detail how to configure Tomcat to require client certificates? If not, can anyone suggest any example scripts that work? Thanks, Mike --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
