Doug,
Thanks for your help but this isn't what I need. Yes, I want the client to present a certificate for validation during the SSL handshake, but your solution is not available to me. You suggest putting something in a config file, but I'm running Tomcat embedded, so all of the configuration is happening programmatically.
I have a org.apache.coyote.tomcat5.CoyoteConnector and I call setKeystoreFile(...), setKeyAlias(...), etc. to set up the server side SSL, and this is working great. When I want to request a client certificate I would expect to call setClientAuth(...) to do this. However, I'd expect to pass a boolean into this method, but instead, the interface requires a String!!! To make matters worse, there's no documentation to say what this string is.
Does anyone know how to do this programmatically??
Sander Smith
At 08:20 AM 6/1/2004 -0400, you wrote:
Sander,
If what you want is to have the client present a certificate for validation, then in your connector have something like
clientAuth="true"
See http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
If you are looking for something different let us know.
Doug www.parsonstechnical.com
----- Original Message ----- From: "Sander Smith" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, June 01, 2004 6:29 AM Subject: SSL Client Authorization
> I'm writing an application with SSL that's been working fine, and would > like to enable client authorization. It seemed like the thing to do was go > to my connector (org.apache.coyote.tomcat5.CoyoteConnector) and enable it > there. Lo and behold there is a method (setClientAuth) that seems to do > what I want, but for some strange reason it takes a string as an argument > instead of a boolean. What am I missing here?? How do I enable this? > > Sander Smith > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
