Peter wrote: >this pretty much sounds like the same problem I was experiencing and >posted earlier today. Sadly, your link below only gives hints on how >to intall a SERVER certificate, but not on how to configure everything >to ask for a CLIENT cert.
This is what I found too. However, the ImportKey program sounds like a nifty little thing that could come in handy. Thanks for the link Schwarz! The few other responses I got to my first posting were along the same lines, so for the sake of making sure everybody understands this correctly, let me reiterate: This is about CLIENT certificates. Apparently Tomcat gives up mysteriously when receiving a home-made certificate (perhaps the thread dies or something), but in any case the connection is quietly closed with no trace or log messages to be found anywhere. >I have exactly the same problem where the >initial handshake with the exchange of the SERVER cert is just fine, >but then the connection breaks leaving you with absolutely NO >LOG-entry as to why it broke .... Ok, so I'm not the only having this problem, that's assuring... somehow ;-) >So far, I was only able to get an error-message out of Netscape (6.x) >saying "unknown SSL Error -12227" I tried to use NS too to find out more, but I had some problems with the firewall I'm behind to get to my server, so I never got to it. Unknown SSL error ... Hmm! >Would it make sense to post this on the tomcat-development-list? I think so. Regardless of why our own certificates does not work, it is highly problematic that there are no trace of what goes wrong anywhere. Do you have experience in this, or do you have the FAQ handy? I've never tried this myself, but one time has to be the first I guess :-) Regards - Henrik Schultz Senior Systems Architect Consultant to Maersk Data AS Tel.: +45 39 10 21 13 Mobile: +45 22 12 24 29 E-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
