S
Sam
Hello,
I am running a web service as a filter inside tomcat. I need to
configure it to perform mutual (both server and client) authentication,
with SSL. (My app is the server). Looking at
http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html tells me how to
configure the server cert. But how can I make tomcat authenticate the
client cert before passing it to my app? Is this doable?
cert? (I am assuming my client certs can be issued by Verisign). Is
there some documentation somewhere on how to get this done?
Thanks,
Sam
I am running a web service as a filter inside tomcat. I need to
configure it to perform mutual (both server and client) authentication,
with SSL. (My app is the server). Looking at
http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html tells me how to
configure the server cert. But how can I make tomcat authenticate the
client cert before passing it to my app? Is this doable?
force a client cert request. But does tomcat actually authenticate the
cert? (I am assuming my client certs can be issued by Verisign). Is
there some documentation somewhere on how to get this done?
Thanks,
Sam