tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ohaya <oh...@cox.net>
Subject Problem retrieving client cert info
Date Tue, 17 Aug 2004 13:52:04 GMT
Hi,

I have an SSL-enabled Apache + Tomcat with mod_jk2. Apache is configured
to require client certificates, and I've confirmed that this client
authentication seems to be working (see below).

I have a JSP where I want to retrieve some info from the client
certificate.

Here's the code that I'm trying to use for retrieving the certificate
info:

out.println("<BR><BR><B>Client Certificate Info:</B><BR>");
X509Certificate[] certs =
(X509Certificate[])request.getAttribute("javax.servlet.request.X509Certificate");
if (certs != null)
{
X509Certificate cert = certs[0];
String dn = cert.getSubjectDN().getName();
out.println(dn);
}
else
{
out.println("Certs returned NULL");
}

BUT, I am finding 'certs' is always null :(!!

I added some additional code to display some other info from the
request:

Client Info:
request.getRemoteHost(): jimnew.foo.com
request.getRemoteAttr(): 192.168.0.120
request.getProtocol(): HTTP/1.1
request.getScheme(): https
request.isSecure(): yes
request.getAuthType(): null
request.getRemoteUser(): null
request.getMethod(): GET
request.getRequestURI(): /showcert.jsp
request.getServletPath(): /showcert.jsp
request.getContentType(): null
request.getContentLength(): 0
request.getCharacterEncoding(): null

When I connect with a client, I am getting a popup asking to select my
client certificate.

Can anyone tell me why the 'certs' is always returning null, and how can
I retrieve the DN/subjectName?

Thanks,
Jim

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message