Chuck, you are brilliant! Renamed tcnative-1.dll and it works. Thanks for the info on the APR connector. I'll look into that as well.
Paul -----Original Message----- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Tuesday, March 23, 2010 8:54 AM To: Tomcat Users List Subject: RE: Unable to get client authentication working in tomcat 6 > From: Dobson, Paul L CTR USAF AFMC 416 SCMS/OBN > [mailto:paul.dob...@hill.af.mil] > Subject: Unable to get client authentication working in tomcat 6 > > I have a tomcat 5 installation that uses client authentication. I am > trying to upgrade to Tomcat 6.0.24 and I am not able to get the client > authentication to work. You appear to have enabled the native APR connector, which uses OpenSSL, not JSSE. > This is the section from my server.xml file that sets up the client > authentication: > > <Connector port="8443" SSLEnabled="true" maxHttpHeaderSize="8192" > maxThreads="150" minSpareThreads="25" maxSpareThreads="75" > enableLookups="false" disableUploadTimeout="true" acceptCount="100" > scheme="https" secure="true" > keystoreFile="C:\Progra~1\apache-tomcat-6.0.24\SSL\keystore" > truststoreFile="C:\Progra~1\apache-tomcat-6.0.24\SSL\truststore" > clientAuth="true" sslProtocol="TLS" /> The above is for the Java-based connector. The easiest thing would be to disable the APR code by deleting or renaming tcnative-1.dll in Tomcat's bin directory. If you decide you want to use the APR SSL code (it's faster), the doc is here: http://tomcat.apache.org/tomcat-6.0-doc/apr.html - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
