Hi All, I tried to get client authentication through certificate working. No success so far. I had a hard time with a certificate chain and it has finally worked. So server authentication is ok now. I turned to client auth and here are some more troubles.
I've got couple "personal certs" installed in IE 5.5 but IE even doesn't prompt to choose them. IE 6 does prompt to choose from empty list. Do that certs have to be signed in specific way or have to contain specific extensions? So, some questions: 1. What kind of certificates are considered client's one? The "rfc2246 - The TLS Protocol.txt" looks pretty technical and protocol related (I think it should be). Does somebody find something about it (I tied to STW with no success). So links or "success stories" would be highly appreciated. 2. I'm going to use certificate authentication with Apache, so does certificate go through mod_jk or mod_webapp? 3. Am I right that clientAuth in org.apache.catalina.net.SSLServerSocketFactory requires auth from every connection made through associated connector. And web.xml can require auth from certain requests even with clientAuth set to "false" in Factory? Thanks in advance. Anton. -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
