Christopher Cain wrote:

[snip]

> I could be wrong, I'm just asking. If the Tomcat container itself is not
> involved in the authentication process, one would not expect that a
> webapp has access to the client cert anyway. Is that right?

To clarify, I meant "access to the full chain." If Apache (or whichever) 
has authenticated the chain, then the connector should just be able to 
pass the client cert itself, without the entire chain. One would not 
necessarily expect that Tomcat has access to the entire chain under 
those conditions, since it knows that it is involved in a secure 
connection, but it is in no way involved in the actual authentication.

That's my take, anyway.

- Christopher
