This content has been marked as final.
Show 2 replies
-
1. Re: Renegotiate SSL connection to send a certificate from Sm
jfclere May 30, 2008 7:51 AM (in response to grahambause)Guessing that you use Apache httpd as a frontend to Jboss, there isn't any logic to allow this to work.
In the mod_ssl configuration change to SSLVerifyClient to:
SSLVerifyClient require
The client certificate will ask when starting the SSL connection. -
2. Re: Renegotiate SSL connection to send a certificate from Sm
grahambause May 30, 2008 7:57 AM (in response to grahambause)no, unfortunatelly I can't set the SSLVerifyClient to "require", because it must be optional. We allow two sorts of authentication: 1) by username/password and 2) by certificate. If a customer doesn't have a certificate he must still be able to login.
thanks anyways.