Hi,
I am using clientAuth on Tomcat 5.5.30, JVM version 1.6.0_21-b06 from
Sun on Linux. The client certificates are self-generated and signed as I
am acting as CA for the client certificates. Authentication is working
as expected until the certificate expiry date is reached which is when I
am getting "ssl_error_certificate_unknown_alert" errors returned and the
connection is refused. I would like Tomcat to be more tolerant and
continue accepting the certificate even after its expiration. Is there a
way to change the configuration such that this can be achieved?
Note: Sun's JSSE implementation by default (in contrast to IBM's)
accepts expired self-signed certificates - I also found this to be the
case when my Java application is communicating direct with an Apache
Derby Data Base Server running SSL. I would like the same tolerance and
behaviour be evidenced when connecting via Tomcat in a web/browser based
application environment.
Thanks
Thomas
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
