I am also having trouble access the page using a browser. I extract my
each certificate from my certificate chain, and import them into the
keystore on the server running tomcat. After I accept the server
certificate (before I select my client certificate to send), the
following stack trace is displayed on my server:
Nov 13, 2006 2:56:52 PM org.apache.coyote.http11.Http11Processor action
WARNING: Exception getting SSL Cert
java.net.SocketException: Socket Closed
at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:177)
at java.net.Socket.setSoTimeout(Socket.java:924)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.setSoTimeout(DashoA12275)
at
org.apache.tomcat.util.net.jsse.JSSE14Support.synchronousHandshake(JSSE1
4Support.java:99)
at
org.apache.tomcat.util.net.jsse.JSSE14Support.handShake(JSSE14Support.ja
va:67)
at
org.apache.tomcat.util.net.jsse.JSSESupport.getPeerCertificateChain(JSSE
Support.java:120)
at
org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:104
9)
at org.apache.coyote.Request.action(Request.java:361)
at
org.apache.coyote.tomcat5.CoyoteRequest.getAttribute(CoyoteRequest.java:
929)
at
org.apache.coyote.tomcat5.CoyoteRequestFacade.getAttribute(CoyoteRequest
Facade.java:214)
at
org.apache.catalina.authenticator.SSLAuthenticator.authenticate(SSLAuthe
nticator.java:137)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authenticator
Base.java:504)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveCo
ntext.java:102)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:5
20)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:137)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveCo
ntext.java:104)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:117)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveCo
ntext.java:102)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:5
20)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:109)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveCo
ntext.java:104)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:5
20)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
at
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:79
9)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processC
onnection(Http11Protocol.java:705)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:57
7)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
.java:683)
at java.lang.Thread.run(Thread.java:534)
Any ideas to what is causing this?
Regards,
Andrew Friebel
Franchise Services
Franchise Product Development Coordinator
Ph: 03 9535 2362
-----Original Message-----
From: Mark Thomas [mailto:[EMAIL PROTECTED]
Sent: Saturday, 11 November 2006 5:05 AM
To: Tomcat Users List
Subject: Re: Accessing ssl pages using client authentication
Andrew Friebel wrote:
> I think I have an issue with how my client is sending the certificate.
> I thought tomcat handled this automatically. Is my assumption
correct?
Your assumption is correct. With SSL, as I am sure you are finding,
every bit of the configuration has to be perfect or it just doesn't
work. My best guess is that the issuer of your client certificate is
not trusted by the SSL provider Tomcat is using.
Mark
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
