Hi!
I have a problem with Tomcat 4.0.6 and SSL client authentication. When I use the
Internet Explorer browser (v6.0) and I try to access the secure URL (for example
https://whatever:8043), an empty list of certificates is presented. However, if I use
Mozilla 1.4 or Netscape 4.76, the client certificates are presented and the secure
pages are available.
The following environment is used:
+ jdk1.3.1_08
+ Microsoft Certificate Server
+ Tomcat 4.0.6
My server.xml file has the following element:
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="10" debug="3" scheme="https" secure="true"
connectionTimeout="20000"
useURIValidationHack="false">
<Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
clientAuth="true"
keystoreFile="C:\Documents and Settings\araton\.keystore"
keystorePass="changeit" protocol="TLS"/>
</Connector>
I have also created the keystores and the cacerts (for trusted certificates) files.
Tomcat also finds the cacerts file because I've added the following parameters in the
Tomcat enviroment variables (and because I've seen it in the debug console):
-Djavax.net.ssl.trustStore=c:\path_to_cacerts\cacerts
-Djavax.net.ssl.trustStorePassword=changeit
I have defined my own CA, my server-tomcat certificate signed by the CA and in order
to create the client certificates, I've used the Certificate Server web tool, asking
for a web certificate using each browser (Netscape-IE-Mozilla) and installing the
client certificate from the browser.
Could you help me please?
If more info is needed, please tell it to me and I will try to explain the problem
with higher detail.
Thanks in advance and sorry if my english is too simple...
Antonio Ratón
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.511 / Virus Database: 308 - Release Date: 18/08/2003
-------------------------------------------------------------------------------------------------------------------
Este correo electrónico y, en su caso, cualquier fichero anexo al mismo, contiene
información de carácter confidencial exclusivamente dirigida a su destinatario o
destinatarios. Queda prohibida su divulgación, copia o distribución a terceros sin la
previa autorización escrita de Indra. En el caso de haber recibido este correo
electrónico por error, se ruega notificar inmediatamente esta circunstancia mediante
reenvío a la dirección electrónica del remitente.
The information in this e-mail and in any attachments is confidential and solely for
the attention and use of the named addressee(s). You are hereby notified that any
dissemination, distribution or copy of this communication is prohibited without the
prior written consent of Indra. If you have received this communication in error,
please, notify the sender by reply e-mail
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
