Hi All,

Working with Tomcat 5.0.30 on Mac OS X, client authentication is not working out. Here's what I've done.

CA and Certificates

1) perl CA.pl -newca
2) perl CA.pl -newreq
3) perl CA.pl -sign
4) openssl rsa < newreq.pem > server_key.pem
5) mv newcert.pem server_cert.pem
6) mv newreq.pem server_req.pem
7) perl CA.pl -newreq
8) perl CA.pl -sign
9) mv newreq.pem client_req.pem
10) mv newcert.pem client_cert.pem
11) openssl rsa < client_req.pem > client_key.pem
12) openssl pkcs12 -export -in client_cert.pem -inkey client_key.pem -out client.p12
13) openssl x509 -in server_cert.pem -out server.x509
14) openssl pkcs12 -export -in server_cert.pem -inkey server_key.pem -out server.p12
15) keytool -genkey -alias tomcat -storepass changeit
16) keytool -import -alias TomcatCA -file demoCA/cacert.pem

I then import the CA's self-signed certificate to the client's machine along with the p12 certificate (cacert.pem and client.p12).

My tomcat-users.xml file:

<tomcat-users>
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <role rolename="manager"/>
  <role rolename="certs"/>
  <role rolename="admin"/>
  <user username="mahesh" password="mahesh" roles="admin,manager"/>
  <user username="CN=Mahesh, OU=SAD, O=Robosoft, L=UDP, ST=Kar, C=IN" password="" roles="tomcat,certs"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="role1" password="tomcat" roles="role1"/>
  <user username="both" password="tomcat" roles="tomcat,role1"/>
</tomcat-users>

Where am I going wrong? Even if the certificates are on the client's machine, the certificate identity window always pops up.

Regards & Thanks
================
Mahesh S Kudva
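
Added example, not part of the original post: a shell check that a certificate chains to the CA and that a private key actually belongs to it, two things worth confirming for the files produced in steps 1 to 14 before they go into a PKCS#12 file or a keystore. It runs on throwaway files it generates itself (constructed, not the poster's); the function names `check_pair` and `make_demo` are hypothetical.

```shell
#!/bin/sh
# check_pair CA_CERT CERT KEY
# Returns 0 when CERT chains to CA_CERT and KEY is the private key for CERT,
# 1 when the chain does not verify, 2 when the key does not match.
check_pair() {
    ca=$1; cert=$2; key=$3
    if ! openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1; then
        echo "FAIL: $cert does not chain to $ca"; return 1
    fi
    # Compare the public key inside the certificate with the one
    # derived from the private key; they must be identical.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey)
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
    if [ -z "$key_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
        echo "FAIL: $key is not the private key for $cert"; return 2
    fi
    echo "OK: $cert chains to $ca and matches $key"
}

# make_demo DIR: build a constructed CA, a client certificate signed by it,
# and one unrelated key to exercise the mismatch case.
make_demo() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
        -keyout "$d/ca_key.pem" -out "$d/cacert.pem" 2>/dev/null
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=Demo Client" \
        -keyout "$d/client_key.pem" -out "$d/client_req.pem" 2>/dev/null
    openssl x509 -req -in "$d/client_req.pem" -days 1 -CA "$d/cacert.pem" \
        -CAkey "$d/ca_key.pem" -CAcreateserial \
        -out "$d/client_cert.pem" 2>/dev/null
    openssl genrsa -out "$d/other_key.pem" 2048 2>/dev/null
}

demo=$(mktemp -d)
make_demo "$demo"
# Matching triple: expected to report OK.
check_pair "$demo/cacert.pem" "$demo/client_cert.pem" "$demo/client_key.pem"
# Unrelated key: expected to report a key mismatch.
check_pair "$demo/cacert.pem" "$demo/client_cert.pem" "$demo/other_key.pem" || true
rm -rf "$demo"
```

Against real files the call would be `check_pair demoCA/cacert.pem client_cert.pem client_key.pem`, using the file names from the steps above.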