https://bz.apache.org/bugzilla/show_bug.cgi?id=65975
--- Comment #3 from Mark Thomas <ma...@apache.org> --- Tomcat has unit tests for this which have been passing consistently for as long as I can remember. This is also at least one test in the Servlet TCK for this that Tomcat also passes. TLS 1.3 changed how client certificate authentication works. It uses a new process called post handshake authentication. JSSE does not support this on the server side and currently has no plans to since HTTP/2 does not allow it. I suspect one of two causes: 1. TLS v1.3 + JSSE 2. Misconfiguration Tomcat emits a warning if you use certificateVerification="want" with TLS 1.3. I suspect we need a similar warning for TLS 1.3 + certificateVerification="none" + CLIENT-CERT -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
