Hi, I need some help on SSL client authentication.
If a user has digital certificate installed on his/her machine, we like to
authenticate the user using digital certificate, otherwise using
username/password.
When I set clientAuth="true" in server.xml, open IE to the server URL
(https), IE popup a window asking for the client certificate even though there
is no certificate found in client machine.
1. how to ask client browser(IE) to ignore digital certificate if not found?
2. on server, how to get the client certificate for verification? java API?
Thank for help.
Dave
---------------------------------
Looking for last minute shopping deals? Find them fast with Yahoo! Search.
