Hi, The tomcat-ssl-howto document is clear on how to set up a server certificate sufficient for server authentication, and evidently a number of people on this list have been able to get far enough with client authentication to see Internet Explorer show the empty Client Authentication dialog. My problem is how to get farther than that. How do I get the Client Authentication dialog to actually give me one or more usable certificates to choose from? I have tried getting a client authentication certificate and installing it on IE. (Go to http://sectestca1.rte.microsoft.com. Click on "Local Standalone CA". Then (1) download a certificate. (2) request a CA certificate.) However, this has no effect on the problem. I have tried extracting the tomcat-ssl-howto server certificate with keytool -export -alias tomcat -file tomcat.cer -keystore <TOMCAT_HOME>/conf/keystore, and importing that certificate into IE. This works, but it has no effect on the problem. I have tried exporting the CA certificate from step(2) above out of IE and importing it into <TOMCAT_HOME>/conf/keystore. This also has no effect on the problem. Could someone please say how to do this correctly? Jeff --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED]