Maybe I'm wrong, but try to check the connector settings in $CATALINA_HOME/conf/server.xml for SSL.
I have the following: <Connector className="org.apache.catalina.connector.http.HttpConnector" port="7443" [skip] scheme="https" secure="true"> <Factory className="[skip]" clientAuth="false" keystorePass="[skip]" protocol="TLS"/> </Connector> in Factory element clientAuth attribute should be false, or server will need client certificate. Good luck! Alexey. ----- Original Message ----- From: "Francisco Queiros Pinto" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, September 27, 2002 10:57 AM Subject: SSL Broken in 4.1.12? > Hi, > > I've just upgraded Tomcat 4.1.10 to 4.1.12. > When trying a secure connection, the browser asks me to > accept the server certificate and seems to achieve it. > However, contrary to the previous version, now the server > generates the following error: > > ---- (catalina.out) ---- > WARNING: Exception getting SSL attributes > javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated > at > com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificateChain(DashoA62 75) > at > org.apache.tomcat.util.net.JSSESupport.getPeerCertificateChain(JSSESupport.j ava:118) > ... > ---- > > To see if there was anything wrong with the old certificate > I've created a new certificate and started tomcat again. > However, as previously, the browser still seems to open a > secure connection with the server, but the server error still > persists. > > Is this a bug or a feature related with a security vulnerability > in the previous version? > > Anyone had similar problems? > Regards, > > > -- > Francisco > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>