tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Plail <>
Subject Re: Client Authentication
Date Wed, 30 Nov 2005 10:22:18 GMT
Dobson Paul L Contr 84 MSUG/GBMLBR <> writes:

> Thanks for the additional insight into client authentication.
> The smart card and IE are set up correctly to prompt for a valid
> certificate.  I know this because that is how it works when I visit
> other web sites on our network that has client authentication
> implimented.  I have a feeling the problem I am having has something
> to do with Tomcat not knowing what to validate clients against.
> Does Tomcat use the value in the keystoreFile property to determine
> what certificates to validate client against?  If so, what entries
> should be in the keystore? If not how do I let tomcat know that CA to
> validate against?

At the moment I do not know what truststoreFile is exactly for, but for
client authentication you need to set:

 truststorePass="verysecret" />

In this keystore reside all the certificates with which you can
authenticate yourself on the server.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message