Hi all,
Has anybody managed to add additional trusted Certificate Authority's
to those available with the default Orion install?
After configuring Orion to use SSL using the provided docco I
accessed the secure site and bingo, worked first time (as opposed
to iPlanet, Tomcat!). However I need to use client-auth
(authentication from client certificates) so the next step was
to turn client-auth on.
Unfortunately the client certificates installed in my browser
have been issued by my companies' own CA (not by Verisign & Co),
and it looks as though Orion is not prepared to trust client
certificates signed by this CA. I'm guessing this because when
IE provides a list of client certificates to submit to the Orion
challenge, the list is empty. Presumably this means Orion is
not listing my companies' CA in the list of CA's it is prepared
to trust??
I have tried adding my companies' CA certificate to the 'cacerts'
keystore believing that Orion might be picking up its list of trusted
CA's from there. Unfortunately that did not work...still an empty
list of client certs provided by IE (I do know the client certs are
installed correctly in IE as other SSL servers here can request and
use them...)
Any thoughts on how to add trusted CA's to Orion greatly
appreciated...!!
Dave Elliot
[EMAIL PROTECTED]
_____________________________________________________________________________________
Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com
