Hi. I have a tomcat configuration question that perhaps someone could help me with.
I have tomcat 4 with soap installed in webapps. I have both server and client authorization turned on and working, with the client authorization coming from my own ca. This works because I have imported my cacert into $JAVA_HOME/jre/lib/security/cacerts. What I would like to do is limit access to the soap service only to clients with certificates signed by me. I don't see a way to impose such a limit - for a given instance of tomcat, all trust is resolved from one place (by default,$JAVA_HOME/jre/lib/security/cacerts). Is this correct, or am I missing something? Thanks, mike. -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
