Thanks for getting back Tott. I did see that how-to link . it states that we have to use those fields only when we have a keystore format other than 'jks'. 1. I had my keystores files with a ".keystore" as extension. Hence I modified the connector configuration to :: keystoreType="keystore" & truststoreType="keystore". After this I restarted Tomcat but this didn't work.
2. Then I regenerated my keystores using a ".jks" extension and removed the 'type' fields in the connector configuration (since it said the fields should be used only when other-than-jks format is used). I restarted my Tomcat again and still it didn't work. Not sure what I should look at. Any help would be appreciated. -Subhash- -----Original Message----- From: Clinton J. Totten [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 26, 2007 6:28 PM To: Tomcat Users List Subject: RE: Setting ClientAuth parameter to true >From inspection of your connector properties it looks like your missing the keystoreType attribute and the truststoreType attribute. If you check the documentation via this link (http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html) it will tell you what you can have as a value in this field. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 26, 2007 8:31 AM To: users@tomcat.apache.org Subject: Setting ClientAuth parameter to true Hi, I am unable to set client authentication for SSL in tomcat 5.5.2. I have generated the certificate for the client and imported the same into the server's keystore so that the server can verify the client's certificate. The following is the modification I make on server.xml. <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="true" sslProtocol="TLS" keystoreFile="D:\Projects\Starwood\WSOverSSL\axis\server.keystore" keystorePass="xxxxxx" truststoreFile="D:\Projects\Starwood\WSOverSSL\axis\server.keystore" truststorePass="xxxxxx " /> once this change is done and the server is restarted, I am not able to hit this url https://localhost:8443 <https://localhost:8443/> . At the same time, if I change the value of clientAuth back to "false" I am able to access the url. Can some pls help where I went wrong? Thanks, -Subhash- This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
