tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aron K." <>
Subject RFC 5746 compliant SSL renegotiation with client certificates
Date Tue, 26 Oct 2010 17:28:17 GMT

Firefox ist RFC 5746 compliant. (
Tomcat 6.0.29 uses JRE 1.6.22, also RFC 5746 compliant.

Renegotiation should occur, as the browser initially doesn't send the 
client certificate, then the user is supposed to choose a client cert. 
and then the browser should renegotiate the connection using the 
client certificate. This is where I get:

WARNUNG: SSL server initiated renegotiation is disabled, closing 
26.10.2010 18:35:10 

I was wondering, if there was any way to avoid 
allowUnsafeLegacyRenegotiation="true" in the SSL 443 Connector. I only 
want to allow safe renegotations! But I need this, as I can not 
configure the browser to send the client certificate at the very first 

Any thought on this?
Thanks in advance, brgs, Aron.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message