First you need to import you CA cert into a JKS keystore file (usually different from the one that you are using for Tomcat's keystore). Since you are using 4.1.x, you then need to add: -Djavax.net.ssl.trustStore=/path/to/truststore/file to the command line that starts Tomcat. (For TC 5, you would add truststoreFile="/path/to/truststore/file" to the Connector element in server.xml). After that, Tomcat should start accepting you client certs.
"Julie McCabe" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello, > > I am trying to use SSL authenitcation with X509 certificates. The certifcates > are not in the Java keystore. I would like to know how to get my certificate > whichi is signed by a specific CA into the keystore and use the https > connector. > > I have found some documentation on the web but have had little success with > getting my certificates into the keystore and SSL Connector configuration. I > know my certificates are valid, maybe I am missing something with regards to > the CA which signed the certifcate. I am using tomcat 4.1.27, Red Hat Linix > 9.0. > > Thanks, > Julie. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]