aspose file tools*
The moose likes Tomcat and the fly likes CLIENT-CERT / null cert chain Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "CLIENT-CERT / null cert chain" Watch "CLIENT-CERT / null cert chain" New topic
Author

CLIENT-CERT / null cert chain

Pascal C.
Greenhorn

Joined: Jul 13, 2005
Posts: 1
Hi everybody,

I want to configure Tomcat/4.1.27 in order to use the client certificate authentication. I first set up the SSL connector following the How-To.
So now my site runs under SSL without any problem.

Next,I build the client certificate with keytool, and store it into a file ( trust.keystore ). In my web.xml I change my BASIC into CLIENT-CERT :
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>Client certificate auth.</realm-name>
</login-config>

and in my server.xml :

<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="100" debug="0" scheme="https" secure="true"
useURIValidationHack="false" disableUploadTimeout="true"
>
<Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
clientAuth="false" protocol="TLS"
truststoreFile="c:\keystores\trust.keystore"
/>
</Connector>

When I connect to my protected JSP, I always get an error :
WARNING: Exception getting SSL Cert
javax.net.ssl.SSLHandshakeException: null cert chain.

I don't know if my configuration is OK. Where can be the problem ? Does anyone have an idea ?

Thanks a lot

Pascal.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: CLIENT-CERT / null cert chain