• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

client cert authentication problem

 
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I've developed a webservice running in axis on jboss 3.2.6 / tomcat5.
Everything works fine. Our test server uses apache as the webserver.
When I put the application on the test server I get the following
error:

(400)No client certificate chain in this request

I know that the client certificate code works, because it worked when I
was using the tomcat webserver alone. It seem s like apache is doing
something that keeps the client certificate information from being
passed to tomcat.

We are passing requests from apache to tomcat via virtual host proxy
pass
<VirtualHost myserver:443>
ServerNamemyserver
SSLEngine on
SSLCertificateFile conf/ssl.crt/myserver.crt
SSLCertificateKeyFile conf/ssl.key/myserver.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
ProxyRemote /* http://myserver:8080/
ProxyPass / http://myserver:8080/
ProxyPassReverse / http://myserver:8080/
</VirtualHost>

<VirtualHost dev.childsupport.state.co.us:80>
ServerName dev.childsupport.state.co.us
ProxyRemote /* http://myserver:8080/
ProxyPass / http://myserver:8080/
ProxyPassReverse / http://myserver:8080/
RewriteEngine on
RewriteRule ^/siteuser/(.*) https://myserver/siteuser/$1 [R,L]
</VirtualHost>

We are not using mod_jk (yet) and as far as I know we're not using
mod_ssl. What can I do to correct my problem with client_cert
authentication?

Thanks,
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic