> On 2025 Apr 5, at 10:55, juan <bobenag...@gmail.com> wrote: > > Hi > > I'm migrating from tomcat 9 to tomcat 11.0.5 > > I need a client cert validation. Mi server.xml in tomcat 9 : > > > <Connector SSLEnabled="true" *clientAuth="true" > *keyAlias="karun-tomcat-server-cert" > > > keystoreFile="/home/german/Developement/eclipseAngular/tomcat-server.jks" > keystorePass="pass" maxThreads="150" > port="8448" protocol="org.apache.coyote.http11.Http11NioProtocol" > scheme="https" secure="true" sslProtocol="TLS" > > truststoreFile="/home/german/Developement/eclipseAngular/tomcat-server.jks" > truststorePass="pass"/> > > Adding clientAuth="true" does the trick, and my client has to have a > certificate provided by me. > > But in tomcat 11 clientAuth doesn't exist in connector and even reading > documentation i can't find how to do it in tomcat 11
If you look at the 9.0.x SSL documentation, you’ll see that clientAuth was deprecated even then, and was replaced by attributes of the SSLHostConfig element. https://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support https://tomcat.apache.org/tomcat-11.0-doc/config/http.html#SSL_Support - Chuck
