Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org Received: (qmail 48843 invoked from network); 2 May 2002 15:29:48 -0000 Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131) by daedalus.apache.org with SMTP; 2 May 2002 15:29:48 -0000 Received: (qmail 24425 invoked by uid 97); 2 May 2002 15:28:47 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-user@nagoya.betaversion.org Received: (qmail 24377 invoked by alias); 2 May 2002 15:28:45 -0000 Delivered-To: jakarta-archive-tomcat-user@jakarta.apache.org Received: (qmail 24313 invoked by uid 97); 2 May 2002 15:28:44 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 23875 invoked by uid 98); 2 May 2002 11:00:04 -0000 X-Antivirus: nagoya (v4198 created Apr 24 2002) Date: Thu, 2 May 2002 12:41:57 +0200 From: Christian Bockerman To: Tomcat Users List , alekya_raj1@eudoramail.com Subject: Re: Problem while retreiving Client Certificate Message-ID: <20020502124157.A27436@trillian.dorf.wh.uni-dortmund.de> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from alekya_raj1@eudoramail.com on Thu, May 02, 2002 at 03:03:16AM -0700 X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N On Thu, May 02, 2002 at 03:03:16AM -0700, Raja Sekhar wrote: > Hi, > > I am using Tomcat 4.0.3 with Apache 1.3.24 on Redhat Linux 7.1. > For SSL, I have configured Apache with mod_ssl & the connector > I am using is mod_webapp. The SSL Connection is successfully done. > I have a servlet on Tomcat which is expecting a Client Certificate. > I have made "SSLVerifyClient -- True" & it accepts client > certificate at SSL Handshake. > > I am using the following code to retreive the certificate from > servlet running on Tomcat > > Object certReqObject = > request.getAttribute("javax.servlet.request.X509Certificate"); > I have downloaded the WarpConnector source. In WarpRequest.java, > the certificate object is set to null if any exception occurs. > Can any one help me where I am going wrong. I am using trial > Server certificate which we automatically get while configuring > Apache with SSL. The certificate entry in httpd.conf is as follows > ----------------------------------------------------- > SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt > SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key > SSLVerifyClient require > SSLVerifyDepth 10 > ------------------------------------------------------- > Please help me out at the earliest as I am struck badly. > Thanks & Regards, > ..Raj In http://jakarta.apache.org/tomcat/tomcat-3.3-doc/tomcat-ssl-howto.html#s4 there is a bit about Apache+mod_ssl and mod_jk which says "When using mod_jk with Apache & mod_ssl, it is essential to specify "SSLOptions +StdEnvVars +ExportCertData" in the httpd.conf file. Otherwise, mod_ssl will not produce the neccessary environment variables for mod_jk." Perhaps you should add SSLOptions +StdEnvVars +ExportCertData to your httpd.conf as this seems to be a problem with mod_ssl and mod_jk on the mod_ssl-side and might solve your problem with mod_webapp and mod_ssl. -Christian -- To unsubscribe: For additional commands: Troubles with the list: