Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 72331 invoked by uid 500); 1 Sep 2001 08:34:18 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk Reply-To: tomcat-user@jakarta.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 72324 invoked from network); 1 Sep 2001 08:34:18 -0000 Received: from relay1.pair.com (209.68.1.20) by daedalus.apache.org with SMTP; 1 Sep 2001 08:34:18 -0000 Received: (qmail 28531 invoked from network); 1 Sep 2001 08:33:59 -0000 Received: from pd901d44d.dip.t-dialin.net (HELO factor.mooondock) (217.1.212.77) by relay1.pair.com with SMTP; 1 Sep 2001 08:33:59 -0000 X-pair-Authenticated: 217.1.212.77 Date: Sat, 1 Sep 2001 10:39:12 +0200 (CEST) From: Christoph Ender X-X-Sender: To: Tomcat User List Subject: How to access X509 Certificate? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Hey all, I'm trying to access the certificate that the user has sent to authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly exports the Certificate to the "SSL_CLIENT_CERT" environment variable, but when I try to read "javax.servlet.request.X509Certificate", Tomcat always returns null. The list of attributes is always empty. I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID, JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've disabled everything else. What am I missing here? Any help greatly appreciated! Thanks in advance, Christoph.