Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-30 Thread Timothy Resh
I have changed my original configuration to include the *keystoreFile* and the *truststoreFile* within the connector. This allows client authentication to occur correctly even though it was already defined via the *SSLCACertificateFile* and the *SSLCACertificatePath* keys in the connector. Mark, yo

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-29 Thread Mark Thomas
On 28/01/2025 17:16, Timothy Resh wrote: Chris and Mark, The following properties are set via Introspection and are used by a SOAP call in a hosted Java web app. System.setProperty("javax.net.ssl.keyStore", keyStorePath); System.setProperty("javax.net.ssl.keyStorePassword", clearText); System.s

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-28 Thread Timothy Resh
Chris and Mark, The following properties are set via Introspection and are used by a SOAP call in a hosted Java web app. > System.setProperty("javax.net.ssl.keyStore", keyStorePath); > System.setProperty("javax.net.ssl.keyStorePassword", clearText); > System.setProperty("javax.net.ssl.trustStore",

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-24 Thread Christopher Schultz
Jon, On 1/23/25 1:17 PM, Mcalexander, Jon J. wrote: From: Christopher Schultz Sent: Wednesday, January 22, 2025 11:19 AM To: users@tomcat.apache.org Subject: Re: Openssl Connector configuration for Dynamic Client Authorization does not work. > There is also Vault for Tomcat[2], which I h

RE: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-23 Thread Mcalexander, Jon J.
Christopher, From: Christopher Schultz Sent: Wednesday, January 22, 2025 11:19 AM To: users@tomcat.apache.org Subject: Re: Openssl Connector configuration for Dynamic Client Authorization does not work. Thomas, On 1/21/25 2:08 PM, Timothy Resh wrote: > In the old configuration we were a

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-22 Thread Christopher Schultz
Thomas, On 1/21/25 2:08 PM, Timothy Resh wrote: In the old configuration we were able to hide the password using the following parameter in the config SSLPassword="${KSENC(6qXemkaMkIOCflnMN4pErQ==; C:\\Certificate\Keystore\Tomcat SAMM Vessel.p12)}" We then used this org.apache.tomcat.util.dige

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-22 Thread Mark Thomas
On 21/01/2025 19:08, Timothy Resh wrote: Good afternoon, If I use this configuration, then the prompts for the client auth work, where the intermediate.p12 file has all the intermediates from DOD ID CAx imported. I do not see where the caCertificatePath can be used in this configuration. OK.

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-21 Thread Timothy Resh
Good afternoon, If I use this configuration, then the prompts for the client auth work, where the intermediate.p12 file has all the intermediates from DOD ID CAx imported. I do not see where the caCertificatePath can be used in this configuration. In the old configuration we were able to hid

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-15 Thread Christopher Schultz
Timothy, On 1/14/25 4:58 PM, Timothy Resh wrote: What do you mean when you say "dynamic client auth"? > Dynamic in so far as you drop an intermediate ca and hash link into a directory, to allow tomcat to recognise the new client. Ex.. DOD CAC cards. I believe you indicated using the caCertifi

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-14 Thread Timothy Resh
What do you mean when you say "dynamic client auth"? Dynamic in so far as you drop an intermediate ca and hash link into a directory, to allow tomcat to recognise the new client. Ex.. DOD CAC cards. I believe you indicated using the caCertificatePath or caCertificateFile for this. I'm trying to c

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-13 Thread Christopher Schultz
Timothy, On 1/13/25 9:58 AM, Timothy Resh wrote: This system and configuration I inherited and was told it works and it should have been working in earlier Tomcat versions like 8. We have hundreds of installations so having a Dynamic client auth is paramount. What do you mean when you say "dyn

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-13 Thread Timothy Resh
Thank you for your reply. This system and configuration I inherited and was told it works and it should have been working in earlier Tomcat versions like 8. We have hundreds of installations so having a Dynamic client auth is paramount. I have tried several versions of Tomcat 9.079 to 9.089 and

Re: Openssl Connector configuration for Dynamic Client Authorization does not work.

2025-01-10 Thread logo
Timothy > On 09.01.2025 at 17:15, Timothy Resh wrote: > > The following is a configuration that we have used to set up the Client > Authorization to work in Tomcat. We use introspection > the IntrospectionUtils.PropertySource to decipher the password and set the > following environment variable