tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Manuel Gil Perez" <man...@dif.um.es>
Subject Client authentication using Keystores...
Date Tue, 07 Jun 2005 13:50:51 GMT
Hi all,

I would like to enrol my server to accept authenticated connections from 
authorized parties using X.509 certificates. I follow the instructions 
indicated in SSL Configuration HOW-TO 
(http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ssl-howto.html) and I 
generate my keystore file with the certificate/private key of the web server 
and the CA certificate.

The client authentication only works if I add the CA certificate into the 
$JAVA_HOME/jre/lib/security/cacerts. If the Tomcat keystore contains the CA 
certificate but not the JDK keystore... the client authentication fails.

Can somebody tell me how can I manage these keystores and to add only the CA 
certificate in the Tomcat keystore... leaving the original JDK keystore 
intact??

Thanks!

------
Manuel Gil PĂ©rez 



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message