Do you understand how SSL/TLS works for "Client Authentication"?
Do you think the client must obey everything mandated by the server?
Try have a grasp how both ends *agree* on the "client authentication".
Pae
-----Original Message-----
From: Mandar Joshi <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Wednesday, April 04, 2001 4:03 PM
Subject: Client Authentication
>Hi,
>
>I am using Tomcat 3.2 on WindowsNT 4.0. I have enabled SSL direct on
tomcat.
>If I access my server without client authentication it goes on well.
>But if I specify client authentication then it gives me following error on
>the server screen
>
>2001-04-04 04:02:42 - Ctx( ): 400 R( /) null
>2001-04-04 04:02:42 - Ctx( ): IOException in: R( /) Socket closed
>2001-04-04 04:02:42 - Ctx( ): 400 R( /) null
>2001-04-04 04:02:42 - Ctx( ): IOException in: R( /) Socket closed
>2001-04-04 04:02:42 - Ctx( ): 400 R( /) null
>2001-04-04 04:02:42 - Ctx( ): IOException in: R( /) Socket closed
>
>
>The browser shows me Page Cannot be displayed error.
>
>This is how my server.xml entry looks like
>
><Connector className="org.apache.tomcat.service.PoolTcpConnector">
> <Parameter name="handler"
>
>value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
> <Parameter name="port"
> value="8443"/>
> <Parameter name="socketFactory"
> value="org.apache.tomcat.net.SSLSocketFactory" />
> <Parameter name="keystore" value="/tomcat/conf/newCerts" />
> <Parameter name="keypass" value="keypass"/>
> <Parameter name="clientAuth" value="true"/>
> </Connector>
>
>What could be wrong ?
>
>your help is appriciated
>
>Mandar
>
