-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 5/31/18 10:19 AM, Mark Thomas wrote: > On 31/05/18 14:20, Jean Pierre Urkens wrote: >> I've a web application deployed under Tomcat-8.5.30 that sends >> web service (SOAP) requests (using Axis 1.4 framework) to another >> web server. >> >> The target server applies mutual SSL and the SSL handshake fails >> on finding an appropriate client certificate as requested by the >> server. >> >> I can't seem to figure out how to tell Tomcat which client >> certificate to use when requested to sends its client certificate >> during the handshake. > > This isn't Tomcat configuration. Tomcat plays no part in the > outgoing connection. You configure the connection for mutual TLS > the same way you would if you were writing a standalone client. > > Personally, I'd use the API rather than the system properties but > the choice is yours. +1 When configuring using system properties, you modify the behavior of the entire JVM. Unfortunately, while Java provides all of the tools you need, many operations require a lot of needlessly verbose code. I can reply later with some useful information, having just standardized our TLS connection information across many different kinds of API accesses with a single class that handles the configuration . - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlsRRQ4ACgkQHPApP6U8 pFjs8A//fecr9/5uoXDl5TgFL1YT3MTLyhZ2QzsM4YE7gnWzwsokoBgMiAZTwiZ7 l5/yhOKmVAqFN36gl8mhCdXQWMvD2HGGeinIt60mENb8RZ2PwuIXmHLbdpgjbniy jPGbh1OMf2PsHAXSkYnTLsznPgie0Skv4CblItpHhJ+z5L+yDD1qUY3cDmZ1oXcG 6ypVGEGiZNlla632PY136jUVDPjjvtKGR5MK5nNJGmb4TcfGbmNeWDJhKSXIW1Qh M9+ea4Ft3O2OFWuBWc/KjgIe0RGvZW8ldv9FSn5RYBr2p9yYnrjB/XEa55ORR7/T 4flGmPNFXGDFDPJgwIZ9ldpz8svvUnROyk97l6Z11T4fIiYwupDJcxNhlLrTGE2h poN1BQ3voqTyeCt9K43jZvTVxvcOYzXfsb0rqkLyfFM6/g7+FAMe4hzMuUrBAVmu XodY2K17Wa2IH9r4BaaLwWXCRDjJ5O3te8iOcXR7I2knK92HqOcnDw2kpbJh13vy XJ4RA7SxdHMJJdGQIoWQmarebpoVGAm/Yiw2rELrG0Ln4DPqlOBn3tQ4Twwzt8L+ +CM9+6Z44CbG51ANguqueOyJhDL2DNn24j0Ce7eGNHSXLKntD8TJSqIX6xj+vQLk zJs20UVXMn8xMP0m24/oxdUIvwC/nA35O4bCGruQTOggnMylhy0= =VbPQ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
