-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Diago,
On 1/24/17 11:40 AM, Macca, Diego wrote: > On 1/24/17 8:24 AM, Macca, Diego wrote: >>> Has somebody of you ever tried to configure certificate mutual >>> authentication between a MS IIS webserver and a Tomcat >>> instance? > >> You want IIS to present a client certificate to Tomcat? Tomcat >> shouldn't have a problem with that. > > Yes, that's what I need. Tomcat does not have any problem and it > works well with Apache. It seems that IIS is not able to present > the certificate when I configure it as reverse proxy (so when it > should act as a client). > >>> Does somebody know if this is even possible in IIS ? > >> You'd have to configure IIS's HTTP proxy to use a client >> certificate. > > Do you know how to configure it ? I mean, IIS does the reverse > proxy things but I need it also to send the present to Tomcat. I don't know at all how to configure it, unfortunately. Do you need to have IIS *forward* the actual client's certificate to Tomcat, or do you want to use a static client cert just from IIS? If you want to forward the cert, you might find this useful: https://blogs.msdn.microsoft.com/asiatech/2014/01/27/configuring-arr-wit h-client-certificate/ >>> I usually do it very well with Apache but this time I'm >>> requested to put in front of Tomcat an IIS webserver. > >> I'm sorry I can't help with this, but I'd be interested in >> hearing the solution. There are a number of people here who with >> with IIS. If nobody answers after a while, I'll see if I can >> find someone through $work who might be able to answer. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJYh8oaAAoJEBzwKT+lPKRYQlYQAKUQR0U7jHwJbvKHycp4mFO5 H0vS5EQdALDCWeTrgWJXaL7J28ianlJCCTcdbUn8WS8NvQRv6zEgK3A81rDWATLt nxNCbmU4l6G9vsH/ux4fNqz5t75RtTLnnnwW4Y3D1iXQEKJGAY6z42sy4hxhEFlL OEg11WY37/X3K0U2xeYlfvOxWk4iCblMWYAsAMJe3rAtIJg2padTv78/ZQOw+eZ1 IR3vBtXf9Ez22i21Dtiyxmz3LsLAAMWYlSKPhuEnO6Rj0/P2TPaS9+uo+6u2DwYa w2wHLbBUo0zwv2ETdDmkMhSqkhQpuVobj0BzlePzBJNA3sEqXUrF9R+cys793ZOi MjCQOnWEhax0ub3P6UuIbxa1EkeWgaZyHPBhKtUWO1h1pyKUo63sIdpKa56A1Z7w hQc5+i6e/bpj3rqeT+zQWQLvs1jkdtE7fCvw+cyuvkLqt7ZPOJQQcnK4JmXjFUWJ az9lVz3ehSVfhs74UyMm1aHZNnBS03TroIwQHAOXqOtcBP5kfJoMJpVZpR/e7j1I uFcs9X4++SPiLSWYmrqS2zeBnoelnIV6lXhqA8keAoiu0ywZhRwnpSGyk12ID5H2 489aDC/6joDmuUG8JGtCsy3aSTdLSnCCg5h4OAG3J4fYXN4+8nRRz58bo+VWC6dU qMs2/iXD7OXHA2/X+qIu =gYnf -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org