Hi,
Firefox ist RFC 5746 compliant. (http://www.ssltls.de/)
Tomcat 6.0.29 uses JRE 1.6.22, also RFC 5746 compliant.
Renegotiation should occur, as the browser initially doesn't send the
client certificate, then the user is supposed to choose a client cert.
and then the browser should renegotiate the connection using the
client certificate. This is where I get:
WARNUNG: SSL server initiated renegotiation is disabled, closing
connection
26.10.2010 18:35:10 org.apache.tomcat.util.net.jsse.JSSESupport
handShake
I was wondering, if there was any way to avoid
allowUnsafeLegacyRenegotiation="true" in the SSL 443 Connector. I only
want to allow safe renegotations! But I need this, as I can not
configure the browser to send the client certificate at the very first
request.
Any thought on this?
Thanks in advance, brgs, Aron.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|