tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik - Dev Lists <devli...@hanik.com>
Subject Re: Setting ClientAuth parameter to true
Date Wed, 26 Sep 2007 19:01:40 GMT
Your trust store will need to contain the cert the client is supposed to 
send up,

Filip

Subhash.NarayananDroupathy@cognizant.com wrote:
> Hi,
>
>  
>
> I am unable to set client authentication for SSL in tomcat 5.5.2. I have
> generated the certificate for the client and imported the same into the
> server's keystore so that the server can verify the client's
> certificate. The following is the modification I make on server.xml.
>
>  
>
>     <Connector port="8443" maxHttpHeaderSize="8192"
>
>                maxThreads="150" minSpareThreads="25"
> maxSpareThreads="75"
>
>                enableLookups="false" disableUploadTimeout="true"
>
>                acceptCount="100" scheme="https" secure="true"
>
>                clientAuth="true" sslProtocol="TLS" 
>
>  
> keystoreFile="D:\Projects\Starwood\WSOverSSL\axis\server.keystore"
> keystorePass="xxxxxx" 
>
>  
> truststoreFile="D:\Projects\Starwood\WSOverSSL\axis\server.keystore"
> truststorePass="xxxxxx " />
>
>  
>
> once this change is done and the server is restarted, I am not able to
> hit this url https://localhost:8443 <https://localhost:8443/> .
>
>  
>
> At the same time, if I change the value of clientAuth back to "false" I
> am able to access the url.
>
>  
>
> Can some pls help where I went wrong?
>
>  
>
> Thanks,
>
> -Subhash-
>
>
>
> This e-mail and any files transmitted with it are for the sole use of the intended recipient(s)
and may contain confidential and privileged information.
> If you are not the intended recipient, please contact the sender by reply e-mail and
destroy all copies of the original message. 
> Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying
of this email or any action taken in reliance on this e-mail is strictly 
> prohibited and may be unlawful.
>   
> ------------------------------------------------------------------------
>
> No virus found in this incoming message.
> Checked by AVG Free Edition. 
> Version: 7.5.488 / Virus Database: 269.13.30/1027 - Release Date: 9/24/2007 11:27 AM
>   


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message