Hi,
I suggest to follow this guide:
https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
On 11/5/19 2:29 PM, thulasiram k wrote:
> Hi,
>
> we have installed tomcat 7.0.94 on windows 2016 and no SSL enabled. But
> while qualys scan we found the below vulnerability. can you guide how can
> we
Thank you all for the suggestions.
Based on the documentation, my setup should work: The server certificate
is already processed and accepted (I know that because I could not get
it right at the first try). The driver is supposed to work with a PEM
certificate and a pkcs-8 DER encoded key, and
rePassword=changeit");
>
> Connection c = DriverManager.getConnection(sb.toString());
>
> and convert the pem certificate to JKS/P12 ? I have this working in
> mysql...
>
> Peter
>
> Am 2019-10-22 12:56, schrieb Magosányi Árpád:
>> Hi!
>>
>>
Hi!
Anyone have a postgresql jndi datasource with certificate authentication
working?
I have the following in context.xml:
I have this in ~tomcat/.postgresql:
root@market:/var/lib/tomcat9/.postgresql# ls -lL
total 11
-rw-r--r-- 1 root root 4597 Oct 21 12:49 postgresql.crt
On 10/7/19 11:29 PM, André Warnier (tomcat) wrote:
>
> DirectoryIndex off
> RewriteEngine Off
> AuthType openid-connect
> AllowOverride None
> AuthzDBDQuery "a correct database query"
> Require dbd-group allrepo
> LogLevel debug
>
Nice. It have solved the problem,
On 10/7/19 8:20 PM, André Warnier (tomcat) wrote:
>
> Forgot the atribute 'tomcatAuthentication="false"' in the Connector ?
>
Yes, I did, however adding it back did not improve the situation.
My server.xml now:
> Magosányi,
>
> >> How are you getting the attributes from the request?
>
> > This is the filter code:
>
>
> > String user = httpRequest.getRemoteUser(); Object cert =
> > httpRequest.getAttribute("javax.servlet.request.X509Certificate");
> > this.context.log("user:"+user);
>
> This won't show
> Magosányi,
>
> On 10/7/19 10:37, Magosányi Árpád wrote:
> > I intend to use the user and certificate info in a Filter.
>
> > I think I have configured everything to do that, but the
> > information does not get passed along. Based on various
> > documentations
I intend to use the user and certificate info in a Filter.
I think I have configured everything to do that, but the information does not
get passed along. Based on various documentations and howtos, SSLVerifyClient
require, SSLOptions +StdEnvVars and SSLOptions +ExportCertData and JkExtractSSL