The server certificate must be where you set it up in your server.xml (for details, see the tomcat-ssl-howto). This will enable Tomcat to identify itself to the client.
The client certificate's CA's public key (or just the whole certificate) must be imported into %JAVA_HOME%/jre/lib/security/cacerts (the default truststore that Tomcat uses), or, you have to define the system property for the truststore in Tomcat's JVM if you want to use another truststore than the default. This will enable Tomcat to trust the client. cheers, memo ----- Original Message ----- From: "Panos Skondras" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 03, 2002 08:50 Subject: Tomcat SSL > Hi all > I am trying to start Tomcat using https with client auth but > so far nothing. > I have downloades JSSE put the jar in the right place(https works if i > put clientauth=false in > server.xml). > I have created a key with keytool and also > export a key to put it in the IE trusted root dir. > But when i enable client auth=true and ty again i get > The page cannot be displayed page from tomcat no > logging is done.. > Can anyone give me some hints.. > The client certificate is not from a CA but it is created by me with > keytool > The client certificate and the server certificate must exist somewhere > in tomcat path? > thx inadvance > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
