tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lampa <>
Subject Re: problem about ssl
Date Fri, 26 Dec 2008 05:52:43 GMT

The specified certificate is entrusted by CA , if not, I think TOMCAT must
verify the certificate and SSL connection must be failed .
I don't think there is any problem about my idea. I just want to implement
something that choosing the certificate by  ActiveX control,not by users.
Yes, maybe  I submit the question in other mail-lists. 


Gregor Schneider wrote:
> Actually your approach is breaking SSL-security. Among other things
> SSL is bsed on TRUST. Therefore, if an unkown or self-signed
> certificate is used, any browser should inform the user that the cert
> is not signed by a CA.
> If you want to implement a way to circumvent said behaviour,
> personally I do not see any sense in doing so but tricking the user to
> accept a certificate wich is not trusted.
> Maybe I misunderstand your intentions.
> Besides, your problem is not a Tomcat-issue but a browser-issue (if
> any). Therefore, I suggest you place your request in the appropiate
> mailinglists / newsgroups.
> Gregor
> -- 
> just because your paranoid, doesn't mean they're not after you...
> gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
> gpgp-key available @
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

View this message in context:
Sent from the Tomcat - User mailing list archive at

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message