tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Luis Villa" <lvil...@gmail.com>
Subject Re: Problems with clientAuth
Date Mon, 02 Apr 2007 07:30:39 GMT
Hello Martin,

Well, at least you are lucky Internet Explorer asks for the certificate,
this is what it's supposed to do when using clientAuth="true". What is
happening to me is that all works well with clientAuth = "false", when
changing it to clientAuth="true", Firefox throws this error and IExplorer
just can't "find" the page.

About secure="true", I'm not sure what it does, I copied it from the Tomcat
5.5. SSL Howto :S

I must confess I have no clue on how to make this work


2007/3/30, Martin Cavanagh <cavanagh@con-sense-group.com>:
>
> Hi Luis.
>
> I'm pretty sure I'm having exactly the same problem as you - maybe we
> can solve it together:)
>
> When I enable client authentification in my config clientAuth="true" for
> you, since your using the Java KeyStore (I'm trying to use OpenSSL),
>
> I get exactly the same error in Firefox! (except in German ;) )
>
> In Internet Explorer I get a message, that the Server requires a
> certificate and I need to provide one and that I should select one (I
> don't have any installed in Internet Explorer).
>
> Are you sure that you don't have Client Authenification turned on?
>
> What does the setting secure="true" actually do?
>
> Good luck - let me know how you go.
>
> Martin
>
> Luis Villa wrote:
> > Hello all,
> >
> > I' a newbie un the list, so first of all I'd like to say hello to
> > everyone
> > :)
> >
> > After this, I'd like to ask for help with a problem I have configuring
> > Tomcat for digital certifications. I've followed all the steps in the
> > Tomcat
> > SSL HOWTO and my tomcat now has a secure connector in port 8443. So,
> > I've no
> > error when trying to enter http://localhost:8443
> >
> > The key in server.xml is the following:
> >
> > <Connector port="8443" maxHttpHeaderSize="8192"
> >    maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> >    enableLookups="false" disableUploadTimeout="true"
> >    acceptCount="100" scheme="https" secure="true"
> >    clientAuth="false" sslProtocol="TLS" keystoreFile="conf\.keystore"
> > keystorePass="changeit"/>
> >
> >
> > The problem appears when changing clientAuth to true. Then, when using
> > iexplorer the browser simply can't find the page (or this is what it
> > says),
> > and when using firefox it warns about the certificate, but after
> > accepting
> > the certification it says that 'localhost has received an unexpected or
> > incorrect message. Error code: -12229'. I've been googling for two
> > days and
> > I can't find a clue about what is failing nor what means this error
> code.
> >
> > I'd be very grateful if somebody can help me with this, so my boss could
> > stop cleaning this gun of his... :P
> >
> > Thanks in advance for your help :)
> >
> > Greetings!
> >
>
>
> --
> Con-Sense-GmbH
> __
> _Martin Cavanagh_
>
> Tel.: +49541 800 83 0
> Fax: +49541 800 83 99
>
> cavanagh@con-sense-group.com <mailto:kleinewolter@con-sense-group.com>
>
> Con-Sense GmbH
> Neuer Graben 25
> 49074 Osnabrück
> www.con-sense-group.com <http://www.con-sense-group.com>
>
> Geschäftsführer Eckhard Schulz
> Amtsgericht Hildesheim HRB 3341
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message