Hi, Firefox ist RFC 5746 compliant. (http://www.ssltls.de/) Tomcat 6.0.29 uses JRE 1.6.22, also RFC 5746 compliant.
Renegotiation should occur, as the browser initially doesn't send the client certificate, then the user is supposed to choose a client cert. and then the browser should renegotiate the connection using the client certificate. This is where I get:
WARNUNG: SSL server initiated renegotiation is disabled, closing connection 26.10.2010 18:35:10 org.apache.tomcat.util.net.jsse.JSSESupport handShake
I was wondering, if there was any way to avoid allowUnsafeLegacyRenegotiation="true" in the SSL 443 Connector. I only want to allow safe renegotations! But I need this, as I can not configure the browser to send the client certificate at the very first request.
Any thought on this? Thanks in advance, brgs, Aron. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org