Hi I have followed all the instructions on this discussion, and i´m still getting the error:
HTTP Status 400 - No client certificate chain in this request Does the user cert that i´m using need to be "trusted" by cert of tomcat sever? I´m using Apache Tomcat/5.5.15, on Win Xp Pro SP2 I have generated the 2 certs like described on: http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html The acess to https://localhost:8443 works fine But the access to the restricted area https://localhost:8443/teste return the error: HTTP Status 400 - No client certificate chain in this request If i use the BASIC auth, it works, but with CLIENT-CERT it did not Is there anything wrong with my configuration? This are my configuration: server.xml : ... <Realm className="org.apache.catalina.realm.MemoryRealm" /> ... <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="want" sslProtocol="TLS" keystoreFile="c:\\certificados\\tomcat.keystore" /> <Factory className="org.apache.catalina.net.SSLServerSocketFactory" clientAuth="want" protocol="TLS" /> tomcat-users.xml : <tomcat-users> ... <role rolename="cert"/> <user username="CN=Luis Henrrique Spoladore Amaral, OU=UFSC, O=UFSC, L=Floripa, ST=SC, C=BR" password="null" roles="cert"/> </tomcat-users> web.xml: <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <display-name>Bug 12218</display-name> <description> Test web app for bug 12218. </description> <security-constraint> <web-resource-collection> <web-resource-name>App</web-resource-name> <url-pattern>/index.htm</url-pattern> </web-resource-collection> <auth-constraint> <role-name>cert</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>CLIENT-CERT</auth-method> </login-config> <security-role> <role-name>cert</role-name> </security-role> </web-app> Thanks for your help Luis --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]