All, I am experiencing some problems when enabling client authentication on an SSL connection. The same problem occurs both when using tomcat 4.0.4 standalone and when using embedded tomcat (same version). The parameters I set for my SSL connection are these (same settings are used for both sever.xml for standalone and programatically using embedded tomcat):
Connector port = 8081 Connector secure = true Connector scheme = https SSL keystore file = /usr/java/jre/lib/security/cacerts SSL keystore pass = neveryoumind SSL keystore type = JKS SSL algorithm = SunX509 SSL protocol = TLS SSL client auth = true The security providers I have set are: security.provider.1=com.sun.security.provider.Sun security.provider.2=com.baltimore.jcrypto.provider.JCRYPTO security.provider.3=com.sun.net.ssl.internal.ssl.Provider security.provider.4=com.sun.rsajca.Provider The server starts without issuing any warnings of any sort, but throws a java.lang.OutOfMemoryError when I try to connect to it using any browser. (The error is caught in the HttpProcessor.run() method). I switched on the javax.net.debug=ssl,handshake flag hoping that I would get some more information. This showed me that the server did receive the request from the browser, but that it never even started to negotiate any chipher suite/encryption, and a "server hello" was never returned to the client. All help will be greatly appraciated! Best regards, Morten Jorgensen, Software Engineer, Vordel ltd, Dublin, Ireland -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
