Sreevidya,
On 9/22/21 12:25, Mandava, Sreevidya wrote:
Tomcat version : 8.5.70
Attached my self -signed client cert(ecdsatestclient.crt_txt), self
signed CA (rsatestca_original.crt_txt)output from openssl
(defaultciphersuite.txt) my connector configuration(connector.txt)
Your attachment has been stripped. Please copy/paste your certificate in
PEM-encoded-DER format (i.e. -----BEGIN CERTIFICATE-----) into the body
of your post.
Problem: We have a client that is connecting to tomcat with an ECC cert
signed by a RSA signer.
That would be a very odd configuration indeed.
Client authentication is enabled in tomcat. They are seeing handshake
failures in ClientKeyExchange/Certificate Verify stage.
Do you have a specific error message and/or stack trace?
Why is there difference between the “certificate types” and
“signature algorithms”? Where/how does tomcat get the values for
“certificate types” and “supported signature algorithms”?
Certificate types are usually "RSA" or "EC" (or maybe "DSA") and
sometimes just, generically, X.509. Signature algorithms are typically
things like "sha256withRSAencryption", etc.
Having the certificate itself would be very helpful in trying to debug
this issue.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org