https://issues.apache.org/bugzilla/show_bug.cgi?id=49335
--- Comment #1 from Konstantin Kolinko <knst.koli...@gmail.com> 2010-05-24 20:03:24 EDT --- Is it reproducible in 7.0 RC3 only, or in 6.0.x as well? Is Tomcat running with 32-bit or 64-bit JRE? Is Tomcat-Native used? Does this certificate fit into a single AJP packet, along with other request headers? Sure that it does fit, because otherwise there must be an error logged. I wonder, how the AJP packet created by mod_jk differs from the one created by mod_proxy_ajp. In mod_jk the place where SSL certificate is appended to the packet is native\common\jk_ajp_common.c -- look for SC_A_SSL_CERT there In mod_proxy_ajp of Apache 2.2.x the SSL certificates are appended in modules\proxy\ajp_header.c -- look for SC_A_SSL_CERT there By quick look the code there looks quite similar, but there might be a difference on how information on the presence of a certificate is obtained. What JkOptions directives are used in the configuration? I see that mod_jk can send a whole certificate chain if +ForwardSSLCertChain option is used (off by default). It looks that mod_proxy_ajp cannot send the certificate chain. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
