tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: Client authentication with X509 certificate (Apache web server+mod_jk+Tomcat 4.1.24) not working
Date Sun, 15 Jun 2003 01:34:49 GMT
It's a known problem.  See http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15790 for more
details.  It is fixed in the CVS, and so will work in 4.1.25.

"Antonio Fiol BonnĂ­n" <fiol.bonnin@terra.es> wrote in message news:3EEAF1B3.8040307@terra.es...
> Hello,
> 
> I have been struggling with a strange problem:
> 
> Using Apache Web server (1.3.23 - 1.3.26, not tested others).
> Using mod_jk (EAPI version, recent download).
> On a Linux machine.
> 
> Using tomcat 4.1.24
> Both on solaris and on Linux.
> 
> When Apache is configured with
> SSLClientVerify optional
> or
> SSLClientVerify require
> 
> Mod_jk is correctly configured (see why I say that later).
> 
> Tomcat is configured with an AJP13 context, and responding well.
> 
> PROBLEM: Client certificate cannot be obtained from the application.
> PROBLEM: In fact, there is an IOException *before* calling the servlet.
> PROBLEM: When tomcat is reconstructing the certificate. I get:
>            Insufficient data          ...or...
>            too big
> 
> WORKAROUND: I found that the same configuration on Tomcat 4.1.9 is 
> working perfectly.
> 
> 
> I have been studying the differences between 4.1.9 and 4.1.24 and I have 
> seen that certificate handling is done in very different places in the 
> code (it has moved).
> 
> Does anybody have an idea of what can have broken this?
> 
> I am willing to submit a patch and/or do more investigation, so that 
> this problem id fixed on 4.1.25 when it comes out.
> 
> Yours sincerely,
> 
> Antonio Fiol
> 

Mime
View raw message