Re: Newbie question re certificates

2014-12-02 Thread Christopher Schultz
Andrew,

On 12/2/14 8:09 AM, Andrew Gronosky wrote:
>
> On 2014-12-02 04:55, John Dunn wrote:
>> I have been asked the following question during an audit, which
>> I personally don't understand.
>>
>> "When using Mutually authenticated TLS is auth

Re: Newbie question re certificates

2014-12-02 Thread Andrew Gronosky
On 2014-12-02 08:09, Andrew Gronosky wrote: As I discovered yesterday, if you have a client cert that is signed by a CA that Tomcat trusts, but whose name (synonymously, CN) does not map to a recognized user, then you will connect to Tomcat but get an HTTP 401 error as your response. If the

Re: Newbie question re certificates

2014-12-02 Thread Andrew Gronosky
On 2014-12-02 04:55, John Dunn wrote: I have been asked the following question during an audit, which I personally don't understand. "When using Mutually authenticated TLS is authorisation based on the certificate name (and not just on the root CA)?" Can anyone clarify what exactly this mean

Newbie question re certificates

2014-12-02 Thread John Dunn
I have been asked the following question during an audit, which I personally don't understand. "When using Mutually authenticated TLS is authorisation based on the certificate name (and not just on the root CA)?" Can anyone clarify what exactly this means and whether Tomcat supports this? Chee