On 26/10/2010 18:28, Aron K. wrote: > Hi, > > Firefox ist RFC 5746 compliant. (http://www.ssltls.de/) > Tomcat 6.0.29 uses JRE 1.6.22, also RFC 5746 compliant. > > Renegotiation should occur, as the browser initially doesn't send the > client certificate, then the user is supposed to choose a client cert. > and then the browser should renegotiate the connection using the client > certificate. This is where I get: > > WARNUNG: SSL server initiated renegotiation is disabled, closing connection > 26.10.2010 18:35:10 org.apache.tomcat.util.net.jsse.JSSESupport handShake > > I was wondering, if there was any way to avoid > allowUnsafeLegacyRenegotiation="true" in the SSL 443 Connector. I only > want to allow safe renegotations! But I need this, as I can not > configure the browser to send the client certificate at the very first > request. > > Any thought on this?
Tomcat hasn't been updated to take advantage of the recently updated JDK. You might be able to achieve what you are looking for with existing code and the right set of options. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
