I am trying to run Tomcat https with clientAuth="true", but my browser (IE) fails to authenticate. It presents a blank "select one of your certificates to use when connecting" screen. My personal certificate that I usually use when connecting to Weblogic does not appear. I believe that I installed the same server certs into tomcat as I installed into weblogic.
Question1) can anyone tell me the exact steps to create and install new certs on both tomcat and IE to make clientAuth work? (do I have to create the "personal" cert via OpenSSL?) Question2) any ideas how to debug the handshake of my existing certs? Why do they work on Weblogic but not on Tomcat? Thanks, George. Some details: I have Tomcat 4.0.3 running on 2 computers: Linux and Windows 2000. On both Win and Linux I installed certificates via keytool: >keytool -list Enter keystore password: changeit Keystore type: jks Keystore provider: SUN Your keystore contains 6 entries john_apr15, Apr 15, 2002, trustedCertEntry, Certificate fingerprint (MD5): EF:B8:24:40:6C:F9:2A:D4:39:3C:C4:C8:DB:5C:14:2F zproot, Apr 14, 2002, trustedCertEntry, Certificate fingerprint (MD5): 21:40:3B:EC:C5:01:5E:22:EB:90:AC:05:4E:BB:8D:0C tomcat, Apr 14, 2002, keyEntry, Certificate fingerprint (MD5): 90:F3:B9:04:BD:B1:BB:DF:FE:FC:F6:6B:0F:AE:C2:95 zplevel2, Apr 14, 2002, trustedCertEntry, Certificate fingerprint (MD5): 8D:B0:BB:02:88:94:65:11:5E:A8:A1:99:43:FD:51:34 zplevel1, Apr 14, 2002, trustedCertEntry, Certificate fingerprint (MD5): 4F:59:C8:8D:35:CE:AA:C6:21:B0:14:70:A1:1C:A8:E3 mykey, Apr 14, 2002, trustedCertEntry, Certificate fingerprint (MD5): E6:1C:88:86:9A:09:52:9F:A0:37:83:84:58:A2:86:DB -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
