I've got a TOMCAT application that pulls data from a Web Service and just recently the Web Service was hardened to require client certificates. I debugged all my certificate issues and got my Java class that talks to the Web Service working just fine as a stand-alone app. However, I'm having trouble getting it to work within Tomcat. My certificate is not being sent to the Web Service. This is how I initialize my keystore and truststore: System.setProperty("javax.net.ssl.trustStore", "c:\\certs\\datahub.keystore"); System.setProperty("javax.net.ssl.trustStorePassword","turstpass"); System.setProperty("javax.net.ssl.keyStore", "c:\\certs\\SDXWebservice.pfx"); System.setProperty("javax.net.ssl.keyStorePassword","keypass"); System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
I'm using Tomcat 6 and JRE 1.6. My web app is not secure and I had been using the out-of-the-box server.xml file, but I've been playing with an SSL connector on 8443, but I still can't get it to work and am not sure if I need to add this connector or not. I'm not a security expert at all and have really been struggling with this for far too long! Any and all help is appreciated. Thanks in advance. - Frank.