The authorty who issues the certificate has to be authorized(imported) in the browser. Then the certificate has to be imported into the browser. The server's host name must match the host name in its certificate. Then the client's host name must match the host name in its certifcate. Do not forget add a user in tomcat-user.xml Please search postings of Gael and Frank on SSL for more instrution. I will poste it on https://breakevilaxis.org later. Frank Peng.
-----Original Message----- From: Gaël Lams <[EMAIL PROTECTED]> To: Tomcat Users List <users@tomcat.apache.org> Sent: Tue, 20 Jun 2006 08:43:53 +0200 Subject: Re: Tomcat 5.5.17 APR/SSL Client Certificat Hi, > I cannot obtain client certificate with SSL/client certificate > authentication using APR components > ... It's probably a stupid question, but did you generate the client certificate and did you import in the browser from which you are trying to connect to your application? How did you create it? You made no reference to that part Regards, Gaël