Tomcat client certificate authentication for SSL

Discussion in 'Java' started by Sam, Sep 13, 2006.

  1. Sam

    Sam Guest

    Hello,

    I am running a web service as a filter inside tomcat. I need to
    configure it to perform mutual (both server and client) authentication,
    with SSL. (My app is the server). Looking at
    http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html tells me how to
    configure the server cert. But how can I make tomcat authenticate the
    client cert before passing it to my app? Is this doable?
    force a client cert request. But does tomcat actually authenticate the
    cert? (I am assuming my client certs can be issued by Verisign). Is
    there some documentation somewhere on how to get this done?

    Thanks,
    Sam
     
    Sam, Sep 13, 2006
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.