Hi, I am trying to get client authentication to work with my server. I have basically followed the Tomcat 6.0-SSL-How-TO, except I changed clientAuth="false" to client="true".
When I have clientAuth="true", I can't access my webapp at all. The server doesn't even request the client for a certificate. IE says that it cannot display the page. I checked the log, and there doesn't seem to be any errors. But when I have clientAuth="false" , I CAN access my webapp as usual. I am using a self-signed cert. I used the following command to create it: keytool -genkey -alias tomcat -keyalg RSA My server.xml looks like this: <Connector port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="7443" clientAuth="true" keystoreFile="c:\.keystore" keystorePass="changeit" truststoreFile="c:\.keystore" truststorePass="changeit" useURIValidationHack="false" secure="true" SSLEnabled="true" sslProtocol="TLS" connectionTimeout="40000" acceptCount="100" debug="1" disableUploadTimeout="true" scheme="https"/> Any help would be great. Thanks, Anna