Hi. I have a tomcat configuration question that perhaps someone could help me with.
I have tomcat 4 with soap installed in webapps. I have client authorization working, with the certificates coming from me acting as my own ca. This works because I have imported my cacert into the server's $JAVA_HOME/jre/lib/security/cacerts. What I would like to do is limit access to the soap service only to clients with certificates signed by me, as opposed to any trusted certificate (there are many in the JDK's cacerts file). Unfortunately, I don't see a way to impose such a limit - for a given instance of tomcat, all trust is resolved from one place (by default,$JAVA_HOME/jre/lib/security/cacerts). In the 'Connector' specification I can set the keystoreFile, but there doesn't appear to be the equivalent of a "truststoreFile". Is this correct, or am I missing something? Thanks, mike. -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
