... In the server.xml file...
Having enabled SSL on port 8443 I have a question regarding the "clientAuth" attribute
of the <Factory> tag. The value for the clientAuth attribute can be either 'true' or
'false'.
What specifically will the server be expecting from a connection when clientAuth is
set to true? Having set up a client app that will talk to the servlet using https and
with the certificates in place the communication will work with clientAuth=false, but
when clientAuth=true I get bad-certificate errors. Nothing else has changed. The
certificates haven't changed so I must assume that it is looking for something more,
but I'm unclear as to what.
...in the servlet's web.xml file...
<web-app>
<servlet>
<servlet-name>simpleServlet</servlet-name>
<servlet-class>SimpleServlet</servlet-class>
</servlet>
<security-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>CLIENT-CERT</auth-method>
</login-config>
</web-app>
------------------------------------------------
Thanks in advance for pointing me in the right direction...
-- John Kammer
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
