tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Manuel Gil Perez" <>
Subject Client authentication using Keystores...
Date Tue, 07 Jun 2005 13:50:51 GMT
Hi all,

I would like to enrol my server to accept authenticated connections from 
authorized parties using X.509 certificates. I follow the instructions 
indicated in SSL Configuration HOW-TO 
( and I 
generate my keystore file with the certificate/private key of the web server 
and the CA certificate.

The client authentication only works if I add the CA certificate into the 
$JAVA_HOME/jre/lib/security/cacerts. If the Tomcat keystore contains the CA 
certificate but not the JDK keystore... the client authentication fails.

Can somebody tell me how can I manage these keystores and to add only the CA 
certificate in the Tomcat keystore... leaving the original JDK keystore 


Manuel Gil PĂ©rez 

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message