On Thu, May 02, 2002 at 03:03:16AM -0700, Raja Sekhar wrote:
> Hi,
>
> I am using Tomcat 4.0.3 with Apache 1.3.24 on Redhat Linux 7.1.
> For SSL, I have configured Apache with mod_ssl & the connector
> I am using is mod_webapp. The SSL Connection is successfully done.
> I have a servlet on Tomcat which is expecting a Client Certificate.
> I have made "SSLVerifyClient -- True" & it accepts client
> certificate at SSL Handshake.
>
> I am using the following code to retreive the certificate from
> servlet running on Tomcat
>
> Object certReqObject =
> request.getAttribute("javax.servlet.request.X509Certificate");
> I have downloaded the WarpConnector source. In WarpRequest.java,
> the certificate object is set to null if any exception occurs.
> Can any one help me where I am going wrong. I am using trial
> Server certificate which we automatically get while configuring
> Apache with SSL. The certificate entry in httpd.conf is as follows
> -----------------------------------------------------
> SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
> SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
> SSLVerifyClient require
> SSLVerifyDepth 10
> -------------------------------------------------------
> Please help me out at the earliest as I am struck badly.
> Thanks & Regards,
> ..Raj
In http://jakarta.apache.org/tomcat/tomcat-3.3-doc/tomcat-ssl-howto.html#s4
there is a bit about Apache+mod_ssl and mod_jk which says
"When using mod_jk with Apache & mod_ssl, it is essential
to specify "SSLOptions +StdEnvVars +ExportCertData" in
the httpd.conf file. Otherwise, mod_ssl will not produce
the neccessary environment variables for mod_jk."
Perhaps you should add
SSLOptions +StdEnvVars +ExportCertData
to your httpd.conf as this seems to be a problem with mod_ssl
and mod_jk on the mod_ssl-side and might solve your problem
with mod_webapp and mod_ssl.
-Christian
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
