tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bengt Bäverman <>
Subject Using Tomcat and certificates from CAcert
Date Tue, 26 Jul 2005 14:40:58 GMT
Can you please tell med what's wrong with this setup?

I have one server runnig Fedora Core 3 and Tomcat 5.5.9 with Java 1.5.0_04. 
Tomcat is setup to require a client  certificate. 
For this server I have generated a server cert and installed it.

I have one client running Windows 2000 SP4 with IE 6.0 and Firefox 1.0.4
For this client I have installed the same client certificate in both browsers.

All certificates come from CAcert.
Before I found CAcert I played a little bit with Javas keytool and created two certificates.

The server asked the client for a certificate, but my certificate on the client was not recognized
when asked to select one. It simple was not in the list.
So I assumed that the server setup (at least the Tomcat part) is OK, but the client setup
was wrong (and I don't mean Windows here... :-))

When I skipped the Java keytoolcertificates and tried certificates from CAcert I get absolutely
no response when running with IE.
IE just says that the server cannot be found. When trying with Firefox I get an error message
stating that the server
and the client cannot establish a connection as they have no common crypto algorithm  (except
I get the error message in Swedish...).

What can possibly be wrong?

Thanks in advance!

  When I generated the cert req with keytool I first tried with out stating a key length or
algorith the when I tried again I used RSA and 1024 bits.
  Still no cigar.
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message