Hi Luis.
I'm pretty sure I'm having exactly the same problem as you - maybe we
can solve it together:)
When I enable client authentification in my config clientAuth="true" for
you, since your using the Java KeyStore (I'm trying to use OpenSSL),
I get exactly the same error in Firefox! (except in German ;) )
In Internet Explorer I get a message, that the Server requires a
certificate and I need to provide one and that I should select one (I
don't have any installed in Internet Explorer).
Are you sure that you don't have Client Authenification turned on?
What does the setting secure="true" actually do?
Good luck - let me know how you go.
Martin
Luis Villa wrote:
Hello all,
I' a newbie un the list, so first of all I'd like to say hello to
everyone
:)
After this, I'd like to ask for help with a problem I have configuring
Tomcat for digital certifications. I've followed all the steps in the
Tomcat
SSL HOWTO and my tomcat now has a secure connector in port 8443. So,
I've no
error when trying to enter http://localhost:8443
The key in server.xml is the following:
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="conf\.keystore"
keystorePass="changeit"/>
The problem appears when changing clientAuth to true. Then, when using
iexplorer the browser simply can't find the page (or this is what it
says),
and when using firefox it warns about the certificate, but after
accepting
the certification it says that 'localhost has received an unexpected or
incorrect message. Error code: -12229'. I've been googling for two
days and
I can't find a clue about what is failing nor what means this error code.
I'd be very grateful if somebody can help me with this, so my boss could
stop cleaning this gun of his... :P
Thanks in advance for your help :)
Greetings!
--
Con-Sense-GmbH
__
_Martin Cavanagh_
Tel.: +49541 800 83 0
Fax: +49541 800 83 99
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Con-Sense GmbH
Neuer Graben 25
49074 Osnabrück
www.con-sense-group.com <http://www.con-sense-group.com>
Geschäftsführer Eckhard Schulz
Amtsgericht Hildesheim HRB 3341
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]