On Dec 21, 2012, at 7:35 AM, Will Nordmeyer wrote: > At long last, I have tomcat configured, I have revoked certificates to > test with…
Nice! > my question today... > > When I try using a revoked certificate, I get the lovely and > meaningful "page cannot be displayed." What browser are you using? This sounds like the generic IE message. > So it is properly denying > access - but it doesn't provide appear to provide any other feedback > to the browser. Tomcat should be returning some HTTP error code like 400 Bad request, 401 Unauthorized or 403 Forbidden. If your browser is masking it, you can see exactly what is returned by looking at the access log. You can then override that code and provide a custom error page (like Twitter's Fail Whale). See the <error-page> tag in web.xml for more details. One note about this. If you are using IE, your custom error page has to be over a certain size or IE will still continue to display it's generic messages. I believe it's 512 bytes. Dan > > Is that correct, or is it configurable so it could report - > certificate revoked, or certificate invalid or something? > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
