• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

Securing Tomcat with SSL

Ranch Hand
Posts: 169
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello All,
I have created a web app and running it over Tomcat 5. I have configured my containers server.xml file to enable SSL on port 8443. Further, I have created a .keystore file using keytool utility provided by JDK It works pretty well.

Now, I want to go a step further and enable CLIENT-CERT method. For this I need to generate client certificate. I want that a user can securely log into a site without typing in a password by configuring his web browser to present an X.509 client certificate to the server automatically. The X.509 client certificate uniquely identifies the user, and Tomcat verifies the user�s client certificate against its own set of certificate authorities,
which are stored in the certificate authority keystore within the JRE.

I have checked OpenSSL.com but I believe it�s available only for Unix/Linux platform.

Can anybody help me on this?
A sonic boom would certainly ruin a giant souffle. But this tiny ad would protect it:
Thread Boost feature
    Bookmark Topic Watch Topic
  • New Topic