tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Florian Rock <florianr...@web.de>
Subject Tomcat don't validate Certificate by using mod_proxy_ajp
Date Sat, 29 Jul 2006 13:56:45 GMT
Hi,
tomcat doesn't validate my client certificate when using mod_proxy_ajp:
my config:

    SSLEngine on
    SSLCertificateFile /somepath/somecert.crt
    SSLCertificateKeyFile /somepath/somecert.key
    SSLVerifyClient optional_no_ca
    SSLVerifyDepth 0
    SSLOptions +StdEnvVars +ExportCertData

SSLProxyEngine on
SSLProxyVerify optional_no_ca
SSLProxyVerifyDepth 0
<Location /f00>
    ProxyPass ajp://127.0.0.1:8009/f00
</Location>

the certificate is forwared to my application but tomcat doesn't verify
it with its truststore.

on mod_jk it works without problems:
same ssl config and the default JkOptions:
JkExtractSSL On
JkHTTPSIndicator HTTPS
JkSESSIONIndicator SSL_SESSION_ID
JkCIPHERIndicator SSL_CIPHER
JkCERTSIndicator SSL_CLIENT_CERT

someone know what is wrong?

thanks for help

Florian


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message