httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nicolas.villoutr...@accenture.com
Subject [users@httpd] Mod_jk and ssl
Date Tue, 09 Mar 2004 16:14:38 GMT
I try to forward a user certificate to tomcat from an apache mod_jk,
 
Does mod_ssl need to be on the same server than mod_ssl?
 
It seems to be the case : here is what i tried to do : 
 
apache mod_jk gets the client certificate from an environment variable set by a SetEnv directive
instead of mod_ssl,
 
When i try to access the client certificate ((X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");),
i get a null pointer Exception 
 
Here is my httpd.conf file : 
 
SetEnv SSL_CLIENT_CERT "-----BEGIN CERTIFICATE-----\nMIICqTCCAhICAQIwDQYJKoZIhvcNAQEEBQAwgbAxCzAJBgNVBAYTAkZSMQwwCgYD\nVQQIEwNJREYxDjAMBgNVBAcTBVBhcmlzMSUwIwYDVQQKExxDZXJ0aWZpY2F0aW9u\nIEF1dGhvcml0eSwgSW5jMScwJQYDVQQLEx5DbGllbnQgY2VydGlmaWNhdGlvbiBh\ndXRob3JpdHkxEjAQBgNVBAMTCUNsaWVudCBDQTEfMB0GCSqGSIb3DQEJARYQY2xp\nZW50X2NhQGNhLmNvbTAeFw0wNDAxMjgxMjEwMzBaFw0wNTAxMjcxMjEwMzBaMIGI\nMQswCQYDVQQGEwJGUjERMA8GA1UECBMIQnJldGFnbmUxDzANBgNVBAcTBlJlbm5l\nczEXMBUGA1UEChMOTXkgQ29tcGFueSBMdGQxGDAWBgNVBAMUD0ZyYW7nb2lzIFBp\nZ25vbjEiMCAGCSqGSIb3DQEJARYTZnBpZ25vbkBob3RtYWlsLmNvbTCBnzANBgkq\nhkiG9w0BAQEFAAOBjQAwgYkCgYEAt7wimDsCaynG4LkOqAMmw/IGux4VjnuR854/\nk3uEi9/0JpuIstl/ZapSRbQGXqEVUczgxreV3WzRkKygGL+v11JZKaHERmuclFF3\n5+HnxGFm94OjAP2ruYvu/hSoToZXubABIdGvvTXvdGOebKdeGgGM6WmzWOxFyQ4y\niJTVbwMCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBNAgaR2N1ehIrDv8hpypd4Q9aQ\n0fycSwHPbJbxRCifHw1i28QAOGy8fen7TNhc6haTwUG2TctxyguhxylqnG/qiOvy\nrfwOPF175DIVueM7hE73+x0eflCziL1QDPOEDPSOY5IDIJMpUX+6Haxy6l3N3JQq\nGvheL/tRVr3eYH6yQA==\n-----END
CERTIFICATE-----\n"
 
# Should mod_jk send SSL information to Tomcat (default is On)
JkExtractSSL On
# What is the indicator for SSL (default is HTTPS)
#JkHTTPSIndicator HTTPS
# What is the indicator for SSL session (default is SSL_SESSION_ID)
#JkSESSIONIndicator SSL_SESSION_ID
# What is the indicator for client SSL cipher suit (default is SSL_CIPHER)
#JkCIPHERIndicator SSL_CIPHER
# What is the indicator for the client SSL certificated (default is SSL_CLIENT_CERT)
JkCERTSIndicator SSL_CLIENT_CERT



This message is for the designated recipient only and may contain privileged, proprietary,
or otherwise private information.  If you have received it in error, please notify the sender
immediately and delete the original.  Any other use of the email by you is prohibited.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message