I've developed a webservice running in axis on jboss 3.2.6 / tomcat5. Everything works fine. Our test server uses apache as the webserver. When I put the application on the test server I get the following error:
(400)No client certificate chain in this request I know that the client certificate code works, because it worked when I was using the tomcat webserver alone. It seems like apache is doing something that keeps the client certificate information from being passed to tomcat. >From the Apache list they told me that Apache will be doing the client cert authentication and will pass information to tomcat that the authentication took place via environment/session variables (SSL_CLIENT_S_DN). We are currently passing requests to tomcat via a proxy pass, but would consider implementing mod_jk. My question is, has anyone implemented client-cert authentication with Apache as the webserver? Does any configuration need to take place in Tomcat in this type of system, or does Apache handle it all? Any information is much appreciated, --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
