tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Luis Villa" <lvil...@gmail.com>
Subject Re: Problems with clientAuth
Date Mon, 02 Apr 2007 07:34:54 GMT
Ok, I forgot!

I used both keytool and openssl, it seems the problem is not there as Tomcat
gives the same error with both.

Greetings!

2007/4/2, Luis Villa <lvillap@gmail.com>:
>
> Hello Martin,
>
> Well, at least you are lucky Internet Explorer asks for the certificate,
> this is what it's supposed to do when using clientAuth="true". What is
> happening to me is that all works well with clientAuth = "false", when
> changing it to clientAuth="true", Firefox throws this error and IExplorer
> just can't "find" the page.
>
> About secure="true", I'm not sure what it does, I copied it from the
> Tomcat 5.5. SSL Howto :S
>
> I must confess I have no clue on how to make this work
>
>
> 2007/3/30, Martin Cavanagh < cavanagh@con-sense-group.com>:
> >
> > Hi Luis.
> >
> > I'm pretty sure I'm having exactly the same problem as you - maybe we
> > can solve it together:)
> >
> > When I enable client authentification in my config clientAuth="true" for
> > you, since your using the Java KeyStore (I'm trying to use OpenSSL),
> >
> > I get exactly the same error in Firefox! (except in German ;) )
> >
> > In Internet Explorer I get a message, that the Server requires a
> > certificate and I need to provide one and that I should select one (I
> > don't have any installed in Internet Explorer).
> >
> > Are you sure that you don't have Client Authenification turned on?
> >
> > What does the setting secure="true" actually do?
> >
> > Good luck - let me know how you go.
> >
> > Martin
> >
> > Luis Villa wrote:
> > > Hello all,
> > >
> > > I' a newbie un the list, so first of all I'd like to say hello to
> > > everyone
> > > :)
> > >
> > > After this, I'd like to ask for help with a problem I have configuring
> >
> > > Tomcat for digital certifications. I've followed all the steps in the
> > > Tomcat
> > > SSL HOWTO and my tomcat now has a secure connector in port 8443. So,
> > > I've no
> > > error when trying to enter http://localhost:8443
> > >
> > > The key in server.xml is the following:
> > >
> > > <Connector port="8443" maxHttpHeaderSize="8192"
> > >    maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> > >    enableLookups="false" disableUploadTimeout="true"
> > >    acceptCount="100" scheme="https" secure="true"
> > >    clientAuth="false" sslProtocol="TLS" keystoreFile="conf\.keystore"
> > > keystorePass="changeit"/>
> > >
> > >
> > > The problem appears when changing clientAuth to true. Then, when using
> > > iexplorer the browser simply can't find the page (or this is what it
> > > says),
> > > and when using firefox it warns about the certificate, but after
> > > accepting
> > > the certification it says that 'localhost has received an unexpected
> > or
> > > incorrect message. Error code: -12229'. I've been googling for two
> > > days and
> > > I can't find a clue about what is failing nor what means this error
> > code.
> > >
> > > I'd be very grateful if somebody can help me with this, so my boss
> > could
> > > stop cleaning this gun of his... :P
> > >
> > > Thanks in advance for your help :)
> > >
> > > Greetings!
> > >
> >
> >
> > --
> > Con-Sense-GmbH
> > __
> > _Martin Cavanagh_
> >
> > Tel.: +49541 800 83 0
> > Fax: +49541 800 83 99
> >
> > cavanagh@con-sense-group.com <mailto:kleinewolter@con-sense-group.com>
> >
> > Con-Sense GmbH
> > Neuer Graben 25
> > 49074 Osnabrück
> > www.con-sense-group.com <http://www.con-sense-group.com>
> >
> > Geschäftsführer Eckhard Schulz
> > Amtsgericht Hildesheim HRB 3341
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message