Dobson Paul L Contr 84 MSUG/GBMLBR <[EMAIL PROTECTED]> writes:
> Thanks for the additional insight into client authentication.
>
> The smart card and IE are set up correctly to prompt for a valid
> certificate. I know this because that is how it works when I visit
> other web sites on our network that has client authentication
> implimented. I have a feeling the problem I am having has something
> to do with Tomcat not knowing what to validate clients against.
>
> Does Tomcat use the value in the keystoreFile property to determine
> what certificates to validate client against? If so, what entries
> should be in the keystore? If not how do I let tomcat know that CA to
> validate against?
At the moment I do not know what truststoreFile is exactly for, but for
client authentication you need to set:
truststoreFile="${catalina.home}/conf/vnet/portalTruststore.jks"
truststorePass="verysecret" />
In this keystore reside all the certificates with which you can
authenticate yourself on the server.
regards
Markus
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
