Win a copy of Svelte and Sapper in Action this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

problem with clientAuth="true" in tomcat configuration

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I'm facing some problems with the SSL configuration in tomcat. I created the store.jks using keytool and the certificates using openssl. Self Signed the certificate request too. Then exported the client certificate to pk12 format for browsers.

Initially
clientAuth="false"
The website was accessible like always but was giving an certificate error(red padlock). Then i imported and installed manually the client certificate in the browser. Restarted the browser and the certificate error went away thus showing a green padlock.

Modification
clientAuth="true"
Removed the client certificate then restarted the browser and tomcat. The website was blocked giving an Error 117 (net::ERR_BAD_SSL_CLIENT_AUTH_CERT): Bad SSL client authentication certificate (which is expected). But then after i manually installed the client certificate, the website was still blocked and giving the same error as before.

Why is it still blocking the client? I already installed the certificate in the browser.
Is this issue coming from the tomcat ssl connector or an issue with the certificates?
 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Facing exactly the same problem . Have you been lucky? If you have found the solution please do share and if I get the solution I will definitely share.

B Regards
 
Hizami Hashim
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Sorry for the late reply.

Yes, i have found a solution to the problem. I followed a guide from this website : http://java-notes.com/index.php/two-way-ssl-on-tomcat

Hope it helps!!!


Regards,
 
Hizami Hashim
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Sorry for the late reply.

Yes, i have found a solution to the problem. I followed a guide from this website : http://java-notes.com/index.php/two-way-ssl-on-tomcat

Hope it helps!!!


Regards
 
Keshav Jha
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi
Thanks a lot for your answer. Actually I forgot to mention that we were on windows and not on linux. Running openssl on windows as per the link you wrote (did via cygwin) is tricky.
Any ways I found a solution on the site http://blog1.vorburger.ch/2006/08/setting-up-two-way-mutual-ssl-with.html
Did some modifications on the connector settings given in the blog, fixed some simple to find typos and it ran fine.
Thanks again
 
Hoo hoo hoo! Looks like we got a live one! Here, wave this tiny ad at it:
the value of filler advertising in 2020
https://coderanch.com/t/730886/filler-advertising
    Bookmark Topic Watch Topic
  • New Topic