tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Filip Hanik" <fi...@filip.net>
Subject Re: Tomcat 3.2 standalone + SSL - Help please
Date Tue, 19 Dec 2000 22:45:54 GMT
try https://ip.add.re.ss:8443 instead. ie has to know that you want to use
https instead of http

Filip

----- Original Message -----
From: <Dion_Vansevenant@psdi.com>
To: <tomcat-user@jakarta.apache.org>
Sent: Tuesday, December 19, 2000 2:26 PM
Subject: Tomcat 3.2 standalone + SSL - Help please




I have followed the instructions in server.xml for configuring SSL with
Tomcat.
When I try to access the SSL connection at http://ip.add.re.ss:8443, the
server
thinks about it, then my browser (IE5) displays and empty certificates box
for
me the select the certificate I want to use. The certificate I want to use
is
the one created by following the tomcat-ssl-howto. I specified a keystore
directory when using the keytool command.

Perusing the Tomcat archives revealed nothing useful, but the OpenSSL FAQ
produced this interesting little tidbit:

 "What will typically happen is that when a server requests authentication
it
 will either not include your certificate or tell you that you have no
client
 certificates (Netscape) or present you with an empty list box (MSIE). The
 reason for this is that when a server requests a client certificate it
 includes a list of CAs names which it will accept. Browsers will only let
you
 select certificates from the list on the grounds that there is little point
 presenting a certificate which the server will reject.


 The solution is to add the relevant CA certificate to your servers "trusted
CA
 list". How you do this depends on the server sofware in uses."


 Does this mean Tomcat needs to be configured to present the certificate? If
 so, how and where?


 Thanks in advance.





Dion Vansevenant
Internetwork Administrator
MRO.com



Mime
View raw message