tomcat-user question... but: Can your server reach the CA for the client certificate? AFAICR it must check the cert is valid..
-----Original Message----- From: patrick.luby Sent: 15 March 2002 17:11 To: tomcat-dev Cc: patrick.luby Subject: Re: setting up tomcat to accept client certificate Kunal, This is exactly how the code is supposed to work: the certificate is *not* fetched from the client if the parameter is set to 'false'. Patrick kunal kaviraj wrote: > > Hi All, > Whenever I try to set the parameter clientAuth="true" in the server.xml to > accept client certificate from the user, after restarting Tomcat starts up > well, but then I get 'Cannot find server' error when I try to access the > https sites. But the http sites work perfectly. > But when this parameter is set to 'false' https and http both works > perfectly, though the client is not asked for certificate. > The server certificate I am using has been generated by keytool. > The client certificate is a third party one. > I am using Tomcat standalone version 4.0.1 with jdk1.3.1 > I have downloaded the jsse1.0.2 and put the 3 jar files in the jdk ext path. > Any pointer will be really helpful. > Thanks > Kunal > > _________________________________________________________________ > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- _____________________________________________________________________ Patrick Luby Email: [EMAIL PROTECTED] Sun Microsystems Phone: 408-276-7471 901 San Antonio Road, USCA14-303 Palo Alto, CA 94303-4900 _____________________________________________________________________ -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> Visit our website at http://www.ubswarburg.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
