On 28/08/2019 23:09, Vivien Wu wrote:
> Tomcat version: 8.5.14
> OS: debian 9 (stretch)
> Issues:  If using SSLVerifyClient=optional, it seems to work (log attached,
> assuming config is validated);
> however when trying to use SSLVerifyClient=none, the browser complains
> This site can’t provide a secure connection login-test.foo.com sent an
> invalid response.

What did you expect?

You told the Connector - explicitly - not to ask for CLIENT-CERT

You told the application to require CLIENT-CERT authentication.

It looks like SSLVerifyClient=optional is the correct setting for you
use case.


To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to