tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: SSL and Non-Browser Traffic
Date Fri, 30 May 2003 03:35:36 GMT
It depends on the cert, really.  If it is signed by someone already in
cacerts (I believe that this means Versign/Thwate, but check the JSSE docs
at http://java.sun.com to be certain), then you don't have to put it
anywhere.  If the signer is trusted, then the certificate is trusted (it's
sort of like the mafia that way:  If someone I trust, trusts you, then I
trust you).

If the cert is signed by someone else, you need to import the signer's cert
into cacerts.  If it is a self-signed cert, then you can import it into
either cacerts or .keystore.

"Lukas Bradley" <lukas@somnia.com> wrote in message
news:bb5916$4rh$1@localhost.localdomain...
> For non-browser based traffic, like foreign applications that POST to a
> Servlet over HTTPS, where do I place the trusted client certificate?
Since
> there is no user-based authentication acceptance window, it seems our
> connections are failing.
>
> The end user has sent me the certificate, I just don't know where to place
> it for Tomcat to verify.  Is this even necessary?
>
> Lukas




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message