On 08/26/2011 11:24 AM, Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Savitha,
On 8/25/2011 7:01 PM, Savitha Akella wrote:
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="443" maxThreads="150" scheme="https" secure="true"
SSLEnabled="true"
Okay.
keystoreFile="d:/users/apache-tomcat-7.0.11/keystore/key.keystore"
keyAlias="keyalias" keyPass="changeit"
Okay.
clientAuth="true"
truststoreFile="D:/users/apache-tomcat-7.0.11/keystore/trust.keystore"
truststorePass="changeit"
SSLVerifyClient="require"
Okay.
sslProtocol="TLS"
Should probably be "SSLProtocol", but might not matter. Also, "TLS" is
not a documented valid value for this attribute.
http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
Kindly double-check your data. I see that its the default and doesn't
need to be defined but is probably defined for clarity.
SSLEngine="on"
SSLEngine is not a recognized attribute.
It is for the Listener container. This would turn on/off APR. Seems like
a simple mistake.
SSLVerifyDepth="4" />
Regards, Savitha On Thu, Aug 25, 2011 at 11:46 AM, Christopher
Schultz< ch...@christopherschultz.net> wrote:
Savitha,
On 8/25/2011 12:53 PM, Savitha Akella wrote:
We have given the "trustStorePass" value to point to a
keystore which has only the certificate for our web
services.
Do you mean "truststoreFile"?
Of course the clientAuth parameter is set to true.
Good.
Can you post your<Connector> configuration for us? Remember to
remove any passwords from it.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk5Xur0ACgkQ9CaO5/Lv0PC4sACgraqr86G+o/CQ4m4pfn7SRoVy
NkYAoJhi4pR9EVYbeXbEEcYdSAgJ28+b
=jKq/
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org