Tomcat client certificate authentication for SSL

Discussion in 'Java' started by Sam, Sep 13, 2006.

  1. Sam

    Sam Guest

    Hello,

    I am running a web service as a filter inside tomcat. I need to
    configure it to perform mutual (both server and client) authentication,
    with SSL. (My app is the server). Looking at
    http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html tells me how to
    configure the server cert. But how can I make tomcat authenticate the
    client cert before passing it to my app? Is this doable?

    >From the docs, setting the clientAuth=true seems to configure tomcat to

    force a client cert request. But does tomcat actually authenticate the
    cert? (I am assuming my client certs can be issued by Verisign). Is
    there some documentation somewhere on how to get this done?

    Thanks,
    Sam
    Sam, Sep 13, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. johndesp
    Replies:
    7
    Views:
    6,611
    Sudsy
    May 30, 2004
  2. Joe Wong
    Replies:
    2
    Views:
    4,112
  3. Joe Wong
    Replies:
    0
    Views:
    482
    Joe Wong
    Feb 20, 2006
  4. John Nagle
    Replies:
    11
    Views:
    625
    =?ISO-8859-1?Q?=22Martin_v=2E_L=F6wis=22?=
    Dec 14, 2006
  5. Mfenetre
    Replies:
    11
    Views:
    1,614
    Joe Kaplan \(MVP - ADSI\)
    Oct 12, 2005
Loading...

Share This Page