-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Thursday, November 9, 2017 11:16 AM
To: users@tomcat.apache.org
Subject: Re: Question related to mutual authentication
Mark,
On 11/9/17 5:02 AM, Mark Thomas wrote:
> On 8 November 2017 21:09:11
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 11/9/17 5:02 AM, Mark Thomas wrote:
> On 8 November 2017 21:09:11 GMT+00:00, Nicolas Therrien
> wrote:
>
>
>
>> My understanding is that when "certificateVerification" is set
>> to "required", the server would perform the same verificat
On 8 November 2017 21:09:11 GMT+00:00, Nicolas Therrien
wrote:
>My understanding is that when "certificateVerification" is set to
>"required", the server would perform the same verification as the
>client does, that is:
>
>1) Verify the incoming certificate is signed by an authority that is
>p
Hi!
I have successfully set up mutual authentication on a Tomcat 9.0.1 server
running on CentOS 6.5. To do my testing, I use a Java program that I wrote to
verify my understanding of SSL and the server configuration.
My question is about the server-side verification of the client certificate
