tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Clinton J. Totten" <cjtot...@vsticorp.com>
Subject RE: Setting ClientAuth parameter to true
Date Wed, 26 Sep 2007 12:57:45 GMT
>From inspection of your connector properties it looks like your missing
the keystoreType attribute and the truststoreType attribute.  If you
check the documentation via this link
(http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html) it will tell
you what you can have as a value in this field.

-----Original Message-----
From: Subhash.NarayananDroupathy@cognizant.com
[mailto:Subhash.NarayananDroupathy@cognizant.com] 
Sent: Wednesday, September 26, 2007 8:31 AM
To: users@tomcat.apache.org
Subject: Setting ClientAuth parameter to true


Hi,

 

I am unable to set client authentication for SSL in tomcat 5.5.2. I have
generated the certificate for the client and imported the same into the
server's keystore so that the server can verify the client's
certificate. The following is the modification I make on server.xml.

 

    <Connector port="8443" maxHttpHeaderSize="8192"

               maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"

               enableLookups="false" disableUploadTimeout="true"

               acceptCount="100" scheme="https" secure="true"

               clientAuth="true" sslProtocol="TLS" 

 
keystoreFile="D:\Projects\Starwood\WSOverSSL\axis\server.keystore"
keystorePass="xxxxxx" 

 
truststoreFile="D:\Projects\Starwood\WSOverSSL\axis\server.keystore"
truststorePass="xxxxxx " />

 

once this change is done and the server is restarted, I am not able to
hit this url https://localhost:8443 <https://localhost:8443/> .

 

At the same time, if I change the value of clientAuth back to "false" I
am able to access the url.

 

Can some pls help where I went wrong?

 

Thanks,

-Subhash-



This e-mail and any files transmitted with it are for the sole use of
the intended recipient(s) and may contain confidential and privileged
information.
If you are not the intended recipient, please contact the sender by
reply e-mail and destroy all copies of the original message. 
Any unauthorized review, use, disclosure, dissemination, forwarding,
printing or copying of this email or any action taken in reliance on
this e-mail is strictly 
prohibited and may be unlawful.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message