tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Jeffrey Tucker <mtuc...@eecs.harvard.edu>
Subject Using Client Certificates in tomcat-4.0.1
Date Tue, 11 Nov 2003 19:54:33 GMT
Hi,

  I am prototyping a modification to an existing Tomcast system on Linux
that will now use client certificates for authentication, but I have been
having trouble getting to the pointer where connecting to the site with a
web browser prompts for a certificate. I have been incrementally building
up my web.xml and server.xml files, so it's possible that I missed
something, though I have done my best to keep them as simple as possible.

  Things appear to be working properly if I switch the auth-method field
of the web.xml file from CLIENT-CERT to BASIC and set the clientAuth field
in the appropriate Connector's Factory (in server.xml) to "false". I am
currently using the org.apache.catalina.net.SSLServerSocketFactory class.

  If I went users to present a certificate, is it appropriate to have the
auth-method as CLIENT-CERT and the clientAuth field as true? Or am I
already hosed at that point? The behavior I am seeing is an immediate 404
error on IE6. Under Firebird I get a slightly more descriptive message --
it pops up a box that reports:

"localbox has received an incorrect or unexpected message. Error Code:
-12227"

Is there an existing HOWTO that describes in detail how to
configure Tomcat to require client certificates? If not, can anyone
suggest any example scripts that work?

Thanks,
Mike

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message