tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Plail <pl...@web.de>
Subject Re: Client Authentication
Date Wed, 30 Nov 2005 10:22:18 GMT
Dobson Paul L Contr 84 MSUG/GBMLBR <Paul.Dobson@HILL.af.mil> writes:

> Thanks for the additional insight into client authentication.
>
> The smart card and IE are set up correctly to prompt for a valid
> certificate.  I know this because that is how it works when I visit
> other web sites on our network that has client authentication
> implimented.  I have a feeling the problem I am having has something
> to do with Tomcat not knowing what to validate clients against.
>
> Does Tomcat use the value in the keystoreFile property to determine
> what certificates to validate client against?  If so, what entries
> should be in the keystore? If not how do I let tomcat know that CA to
> validate against?

At the moment I do not know what truststoreFile is exactly for, but for
client authentication you need to set:

 truststoreFile="${catalina.home}/conf/vnet/portalTruststore.jks"
 truststorePass="verysecret" />

In this keystore reside all the certificates with which you can
authenticate yourself on the server.

regards
Markus


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message