使用 SSL 的 Tomcat 客户端身份验证 [英] Tomcat Client Authentication using SSL

问题描述

我不知所措，因为我不是 Tomcat 人.我需要使用第 3 方的 Web 服务，并且他们需要通过 SSL 进行客户端身份验证，因此他们生成并向我颁发了 SSL 证书.不幸的是，这是他们支持的范围，不能给我任何关于如何实际使用的指导.我一直在使用这个 3rd 方，所以很遗憾我不得不忍受他们缺乏支持.

I'm at a loss, since I'm not a Tomcat person. I need to use a 3rd party's web service and they require Client Authentication via SSL, so they generated and issued me an SSL certificate. Unfortunately this is as far as they support it and cannot give me any direction on how to actually use it. I'm stuck using this 3rd party so unfortunately I have to put up with their lack of support.

所以我拥有的是一个供应商为我们提供的 Java 应用程序(显然他们从来没有处理过这个问题)，一个在 CentOS 5.3 上运行 6.0.20 的 Tomcat 应用程序服务器，以及来自 3rd 方的 SSL 证书.

So what I have is a Java application that a vendor is supplying for us (who apparently has never had to deal with this), a Tomcat app server running 6.0.20 on CentOS 5.3, and the SSL cert from the 3rd party.

此时我需要做什么?我在网上能找到的只是如何设置密钥库，以便我的应用程序可以对连接到它的事物使用客户端身份验证，而不是在它需要连接到其他人时，或者如何通过端口 8443(我知道)使用 SSL怎么做，已经设置了).

What all do I need to do at this point? All I can find online is how to set up a keystore so that my app can use Client Authentication against things connecting to it, not for when it needs to connect out to someone else, or how to use SSL over port 8443 (which I know how to do already and have set up).

推荐答案

这是很长的答案:http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html

不要相信我的话，但我相信，作为客户端，客户端身份验证会在服务器请求时自动执行.

Don't take my word for it, but I believe that, as a client, client auth will automatically be performed when the server requests it.

如果配置tomcat是个问题，你读过http:///tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html?尤其要注意连接器元素的 clientAuth 属性.

If configuring tomcat is the question, have you read http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html? In particular, note the clientAuth attribute of the Connector element.

这篇关于使用 SSL 的 Tomcat 客户端身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！