tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: If i configured client certificate at my browser unable to access my web app (Apace Tomcat 7.0.42/CentOs)
Date Wed, 04 Sep 2013 12:39:23 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Sushil,

On 9/4/13 8:25 AM, Sushil Prusty wrote:
> Sure, I will maintain same thread .Thanks for your input.
> 
> I just follow below link to generate CA certificate . 
> http://oshogsb.blogspot.in/2007/07/how-to-create-custom-ca-and.html(Whichwill
>
> 
help me te create custom CA certificate using OpenSSL)
> And i just  point those generated file to server.xml file.

So, you created a custom CA for your server's SSL certificate, or you
created a custom CA for your client certificates, or you created a
custom CA for both purposes? (I would recommend separate CAs for each).

> in step 13. The common name of the client must match a user in
> Tomcat's user realm (e.g.an entry in conf/tomcat-users.xml) which i
> missed out. Because of this i am unable to access client
> certificate?

Well, you can always create a user in tomcat-users.xml that matches
the "common name" of the certificate.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJSJyn7AAoJEBzwKT+lPKRYKmUP/0xXDbLu492gRT/bCNC7UGAr
kIvPYOTHEJsN6aADQet4+RW2EBMdT3vNh12yBpgCYFYfVV332SLLdHT26uqudRgp
mX9nfr303/A6EjtSbnuageYfeTzKTC90/PERdVB6QlIrbQ9jEIodIb6zEkA22Ou+
/EGitRexT1GX5UqxgUEEKt4U+9WyuzEEHG2AadxC+2VLj3pHTPuapYreCFQucSZZ
RH2ZHx8FXL0XOCpgT1ohbi9At85LCKbwFJL3poutidtXA2S0PKhMYZYgTGUt+O5I
FCsvXZ7OlEo/SpFVVN9uKseOZpOKXtHJV+cAZ7WBhT1c+LM+v76gfZv+0dw5SH7v
lYRngU+GRDFzeUxGto6uc7XNcGHx7sgrZCTRJdauuhmXnBc0k6L+PSVeVt8hN9I3
LAk9g+ZHnAYX72oRVWhXPqOtZXSikDTpcC5zOMFLCgAD9MdV02L4fJlyww9EtyRV
qIWsoRQWLoR/V0GOmOOMNFPKvu2bHd8MRDNtQG3SJ0vLlf9eQfrQP2/zc6J0T/p/
MN5R61mxasLJFUecCk7N0X1pcOyN3N+scpOOCP4EpiaPol8kXlHNGl1cq3HVJf8P
RsiBRz94syt90UE3btcZYQRGWF2J2ZUpnSzGBZBL48PvKrNZV3dN+TD4nEIE+2Ol
3PCjR+YCB5Ms+PqvMg6C
=J+F9
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message