Re: Problems with clientAuth

Fri, 30 Mar 2007 04:37:33 -0800 

Hi Luis.
I'm pretty sure I'm having exactly the same problem as you - maybe we can solve it together:) 


When I enable client authentification in my config clientAuth="true" for 
you, since your using the Java KeyStore (I'm trying to use OpenSSL),


I get exactly the same error in Firefox! (except in German ;) )


In Internet Explorer I get a message, that the Server requires a 
certificate and I need to provide one and that I should select one (I 
don't have any installed in Internet Explorer).


Are you sure that you don't have Client Authenification turned on?

What does the setting secure="true" actually do?

Good luck - let me know how you go.

Martin

Luis Villa wrote:

Hello all,


I' a newbie un the list, so first of all I'd like to say hello to 
everyone

:)

After this, I'd like to ask for help with a problem I have configuring

Tomcat for digital certifications. I've followed all the steps in the 
Tomcat
SSL HOWTO and my tomcat now has a secure connector in port 8443. So, 
I've no

error when trying to enter http://localhost:8443

The key in server.xml is the following:

<Connector port="8443" maxHttpHeaderSize="8192"
   maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
   enableLookups="false" disableUploadTimeout="true"
   acceptCount="100" scheme="https" secure="true"
   clientAuth="false" sslProtocol="TLS" keystoreFile="conf\.keystore"
keystorePass="changeit"/>


The problem appears when changing clientAuth to true. Then, when using

iexplorer the browser simply can't find the page (or this is what it 
says),
and when using firefox it warns about the certificate, but after 
accepting

the certification it says that 'localhost has received an unexpected or

incorrect message. Error code: -12229'. I've been googling for two 
days and

I can't find a clue about what is failing nor what means this error code.

I'd be very grateful if somebody can help me with this, so my boss could
stop cleaning this gun of his... :P

Thanks in advance for your help :)

Greetings!




--
Con-Sense-GmbH
__
_Martin Cavanagh_

Tel.: +49541 800 83 0
Fax: +49541 800 83 99

[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>

Con-Sense GmbH
Neuer Graben 25
49074 Osnabrück
www.con-sense-group.com <http://www.con-sense-group.com>

Geschäftsführer Eckhard Schulz
Amtsgericht Hildesheim HRB 3341

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to