I am attempting to use client certificate authentication with Tomcat 4.1.24, but each time I connect via a browser (Internet Explorer) Tomcat indicates that it is unable to authenticate with the provided credentials.
My client certificate is a personal certificate from Thawte. The corresponding root certificate already exists in my truststore. Shown below is my tomcat-users.xml file. <?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="user" description="Authenticated User"/> <role rolename="manager" description="Tomcat Manager"/> <role rolename="admin" description="Tomcat Administrator"/> <user username="administrator" password="password" roles="admin,manager"/> <user username="[EMAIL PROTECTED], CN=Thawte Freemail Member" password="null" roles="user"/> </tomcat-users> Must I do anything with the client certificate in order for the server to trust it, or does the server simply grab the DN from the certificate and look in the realm for a user with the corresponding DN? Does anyone have any information or links on how to configure tomcat users with client authentication? Pat *********************************************************************** This message is intended only for the use of the intended recipient and may contain information that is PRIVILEGED and/or CONFIDENTIAL. If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or copying of this communication is strictly prohibited. If you have received this communication in error, please destroy all copies of this message and its attachments and notify us immediately. *********************************************************************** --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
