Mahesh S Kudva wrote:
How can I have different certificate authentication for different applications and skip certificate authentication for some applications hosted on the same server.
I believe that, at least under SSL, certificates authenticate *servers* not applications, and that the Connector offers a certificate before it checks, or regardless of, the context path within that server. So you need to deploy each app at a different (virtual) host, each with a different IP address. We do this currently with 5.5.9. You can use the default keystore for all hosts, and use the (undocumented) keyAlias="myalias" Connector attribute to offer the appropriate certificate for each host, e.g. <Connector address="288.104.197.211" port="8443" scheme="https" secure="true" sslProtocol="TLS" keyAlias="mrk2" /> (in 5.5.9 you also need sslProtocol="TLS" explicitly) Paul Singleton -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.8.8/35 - Release Date: 30/Jun/2005 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]