Hi, I cannot obtain client certificate with SSL/client certificate authentication using APR components My configuration : Tomcat 5.5.17, jdk1_5.0_06, Apr-1.2.7, Openssl-0.9.8, tomcat-native-1.1.3 under solaris 8
I configured tomcat to use SSL client-certificate authentication and i need to access the client certificate. When i set SSLVerifyClient="none" the authentification works correctly, but when i set SSLVerifyClient="require" the authentification ask the client certificate and after it "freeze". I thing that it can't get client certificate because when i shutdown tomcat, the log contains this line "ssl3_check_client_hello" and after no lines. My tomcat installation, according the guide http://tomcat.apache.org/tomcat-5.5-doc/apr.html and the BUILDING in APR-1.2.7 This is the SSL HTTP connector extract from my server.xml : <Connector protocole="org.apache.coyote.http11.Http11AprProtocol" port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEngine="on" SLProtocole="all" SSLCipherSuite="ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL" SSLCertificateFile="${catalina_base}/srv.crt" SSLCertificateKeyFile="${catalina_base}/srv.key" SSLPassword="xxxxx" SSLCACertificatePath="${catalina_base}" SSLCACertificateFile="${catalina_base}/ca.crt" SSLVerifyClient="require" SSLVerifyDepth="1" /> I don't know what missing to work correctly. Thanks -- View this message in context: http://www.nabble.com/Tomcat-5.5.17-APR-SSL-Client-Certificat-t1810149.html#a4933091 Sent from the Tomcat - User forum at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
