Hi Christian,
I have added this line in my httpd.conf file. It is as follows :
SSLVerifyClient require
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData
But still my problem remains the same. Is it this way I should do or any other way. I
have seen the link what you referred. But there is no way specified there. Its just
written that you need to put this entry. I did but no use.
Do we have any alternative. Please help me out.
Thanks & Regards,
..Raj
--
On Thu, 2 May 2002 12:41:57 Christian Bockerman wrote:
>On Thu, May 02, 2002 at 03:03:16AM -0700, Raja Sekhar wrote:
>> Hi,
>>
>> I am using Tomcat 4.0.3 with Apache 1.3.24 on Redhat Linux 7.1.
>> For SSL, I have configured Apache with mod_ssl & the connector
>> I am using is mod_webapp. The SSL Connection is successfully done.
>> I have a servlet on Tomcat which is expecting a Client Certificate.
>> I have made "SSLVerifyClient -- True" & it accepts client
>> certificate at SSL Handshake.
>>
>> I am using the following code to retreive the certificate from
>> servlet running on Tomcat
>>
>> Object certReqObject =
>> request.getAttribute("javax.servlet.request.X509Certificate");
>> I have downloaded the WarpConnector source. In WarpRequest.java,
>> the certificate object is set to null if any exception occurs.
>> Can any one help me where I am going wrong. I am using trial
>> Server certificate which we automatically get while configuring
>> Apache with SSL. The certificate entry in httpd.conf is as follows
>> -----------------------------------------------------
>> SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
>> SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
>> SSLVerifyClient require
>> SSLVerifyDepth 10
>> -------------------------------------------------------
>> Please help me out at the earliest as I am struck badly.
>> Thanks & Regards,
>> ..Raj
>
>In http://jakarta.apache.org/tomcat/tomcat-3.3-doc/tomcat-ssl-howto.html#s4
>there is a bit about Apache+mod_ssl and mod_jk which says
>
> "When using mod_jk with Apache & mod_ssl, it is essential
> to specify "SSLOptions +StdEnvVars +ExportCertData" in
> the httpd.conf file. Otherwise, mod_ssl will not produce
> the neccessary environment variables for mod_jk."
>
>Perhaps you should add
>
> SSLOptions +StdEnvVars +ExportCertData
>
>to your httpd.conf as this seems to be a problem with mod_ssl
>and mod_jk on the mod_ssl-side and might solve your problem
>with mod_webapp and mod_ssl.
>
>
>-Christian
>
Join 18 million Eudora users by signing up for a free Eudora Web-Mail account at
http://www.eudoramail.com
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
