current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite

My server runs tomcat 7 with this connector:

<Connector port="443"
       connectionTimeout="20000"
       URIEncoding="UTF-8"
       compression="on" compressionMinSize="2048" noCompressionUserAgents="gozilla, traviata"
       compressableMimeType="text/html,text/xml,text/plain,application/xml,text/js,text/css"
       protocol="org.apache.coyote.http11.Http11NioProtocol"
       maxThreads="150"
       redirectPort="80"
       SSLEnabled="true"
       sslProtocol="TLS"
       scheme="https"
       secure="true"
       truststoreType="JKS"
        keystoreFile="keystore.jks" keystorePass="changeit"
        truststoreFile="trust.jks" truststorePass="changeit"
       keyAlias="myAlias"
       clientAuth="true"
    />

I have a tiny program on the server that has to communicate with my application but I don't want to include a certificate each time I make a request to my app.

How can I tell tomcat to exempt all localhost requests from providing a certificate?

share|improve this question
add comment

1 Answer

up vote 1 down vote accepted

With just configuration, you can't.

You'd need to change clientAuth to want and then add a filter that rejected all requests that were not from localhost and did not present a certificate.

It might be easier to add a client cert to your local application.

share|improve this answer
    
I needed this phrase: "With just configuration, you can't."! –  danrah Nov 24 '13 at 13:07
add comment

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.