using the old Connector/clientAuth="true" or the new Connector/SSLHostConfig/ certificateVerification="REQUIRED" (tried lowercase and without the D) format..doesn't seem to work properly.
no matter what value I use or which format... the behavior seems to be that the client cert is prompted for, but is optional.... (the web pages are shown whether a cert is selected or Cancel is selected on the prompt. (in the latter case, a JSP scriplet that shows X509 certificate content throws an error, confirming that the client certifcate was not sent). (Openssl s_client cmd confirms that the "Acceptable client certificate CA names" from the trustStore specified ARE being sent). I don't doubt that I'm missing (mistyping or misunderstanding) something (again), but I'm gonna ask for help a little sooner this time rather than continuing to beat a dead horse :) ... thanks again.. John
