tomcat-users mailing list archives

From Puneet Dewan <puneet.dewan.open...@gmail.com>
Subject Re: Client Authentication using SSL
Date Thu, 12 Jul 2012 16:49:39 GMT
Excellent suggestions and the link at the bottom.
On my local machine using keystore and keypass was not working while I was
configuring a WAR on https.
I made use of truststoreFile and truststorePass in the connector tag.
e.g.

<Connector SSLEnabled="true"
           acceptCount="100"
           connectionTimeout="20000"
           executor="tomcatThreadPool"
           keyAlias="tomcat"
           keystoreFile="${catalina.base}/conf/tomcat.keystore"
           keystorePass="changeme"
           truststoreFile="${catalina.base}/conf/tomcat.keystore"
           truststorePass="changeme"
           maxKeepAliveRequests="15"
           port="8443"
           protocol="org.apache.coyote.http11.Http11Protocol"
           redirectPort="8443"
           scheme="https"
           secure="true"/>



On Wed, Jul 11, 2012 at 10:05 PM, Jeffrey Janner <
Jeffrey.Janner@polydyne.com> wrote:

> Looking into implementing two-factor Auth for Tomcat with first factor
> being our current userid/password form.
> I figured that the second factor could be Client Authentication using SSL,
> as it seems readily available in Tomcat.
> Aside from the wonderful Tomcat documentation on configuring the
> <connector> element, does anyone else have any suggested reading on the
> subject?
> Any gotchas I should look for?
>
> Jeffrey Janner

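A check for the gotchas the original question asks about, as an added example that is not part of either message or of Tomcat itself: it reads the Connector elements of a server.xml and flags a TLS connector that does not require a client certificate (the connector quoted above sets no clientAuth attribute), one that reuses its key store as the trust store, and placeholder passwords. The sample input is constructed from the connector above; the finding names and the placeholder password list are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the Connector from the message above, reduced to its TLS attributes.
SAMPLE = """<Service name="Catalina">
  <Connector SSLEnabled="true" port="8443" scheme="https" secure="true"
             keyAlias="tomcat"
             keystoreFile="${catalina.base}/conf/tomcat.keystore"
             keystorePass="changeme"
             truststoreFile="${catalina.base}/conf/tomcat.keystore"
             truststorePass="changeme"/>
</Service>"""

# Assumed list of placeholder values for this example.
PLACEHOLDER_PASSWORDS = {"changeit", "changeme", "password"}


def audit_connector(attrs):
    """Return finding names (hypothetical labels) for one Connector's attributes."""
    if attrs.get("SSLEnabled", "false").lower() != "true":
        return []  # not a TLS connector, nothing to check here
    findings = []
    # clientAuth defaults to false; only "true" makes the handshake fail
    # without a client certificate ("want" requests one but does not require it).
    if attrs.get("clientAuth", "false").lower() != "true":
        findings.append("client-cert-not-required")
    trust, key = attrs.get("truststoreFile"), attrs.get("keystoreFile")
    if trust is None:
        # No explicit trust store: client certificates are not checked
        # against a CA set chosen for this application.
        findings.append("no-explicit-truststore")
    elif trust == key:
        # Every certificate in the server's key store, including the server's
        # own, is then a trust anchor for client certificates.
        findings.append("truststore-is-keystore")
    for name in ("keystorePass", "truststorePass"):
        if attrs.get(name, "").lower() in PLACEHOLDER_PASSWORDS:
            findings.append("placeholder-" + name)
    return findings


def audit_server_xml(text):
    """Map each Connector's port to its list of findings."""
    root = ET.fromstring(text)
    return {c.get("port"): audit_connector(c.attrib) for c in root.iter("Connector")}


if __name__ == "__main__":
    for port, findings in audit_server_xml(SAMPLE).items():
        print(port, findings or "ok")
```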