Actually,
when trying with any browser, u have to configure ur client and ca cert
in the browser keystore.
when thru' code also, have to put both certs and ur ca cert in the keystore
that u specified in server.xml.
once u configure, browser show the client cert when clientAuth=true.
try with this
Rams
+91-040-3000401 x 2162 (O)
+91-040-6313447 (R)
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 12, 2001 6:59 PM
To: [EMAIL PROTECTED]
Subject: SSL +tomcat
hello all,
I am testing Tomcat standalone with client authentication on, and getting
some odd results. It works fine if client authentication is not turned on
(for both IE and Netscape browsers). If I turn on client authentication,
Netscape claims that I do not have a personal certificate, and IE asks me to
choose from an empty list of certificates.
Any ideas on the problem with the certificate request when I use Tomcat
standalone? Is there some configuration to indicate the type of certificate
the server is requesting? I am using both client & server certificates
generated by Openssl.
More precisely I have an Server Certificate stored in Keystore (Tomcat side)
and a client
Certificate integrated in my browser. Both certificates are signed by a CA
Authority whose
certificate is on my browser too.
This problem has been already encoutered by many people
([EMAIL PROTECTED] for example)
Many thanks,
Arnaud Pierre.
PS: I use tomcat 4.0b5