Also, I've already got a custom implementation of DefaultCoreSession, can I get the certificate from the IoSession?   Or should I be asking that question to the MINA list?


On Fri, Mar 13, 2015 at 7:55 AM, Marc Boorshtein <> wrote:

here you have access to the certificate and this is the only place where you have a chance to see it,
and if you want to store it for any other purpose then you need to extend server, cause certs are useless
after establishing a secure channel.

Well thats untrue.  The certificate can be used for user mapping, authorization, etc.  This is VERY common in the HTTP world.  In a servlet you can get the certificate, DN, etc from the request object.  

That being said, I have extended the server ( mainly so I can do custom SSL implementations so I can easily create a custom trust manager.  The question becomes how can I associate the cert I get from the trust manager to an LDAP session?  Neither the trust manager nor the keystore actually has that context.