tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Simon.Tem...@saaconsultants.com
Subject Re: No X509Certificate Attribute In IIS Redirected Request
Date Thu, 21 Jun 2007 15:02:08 GMT

OK

I enabled JK1 debug level logging and can see that IIS6 *is* relaying the
client authenticated SSL details in the AJP stream.

I see attributes called:

    CERT_ISSUER
    CERT_SUBJECT
    CERT_COOKIE
    HTTPS_SERVER_SUBJECT
    CERT_FLAGS
    HTTPS_SECRETKEYSIZE
    CERT_SERIALNUMBER
    HTTPS_SERVER_ISSUER
    HTTPS_KEYSIZE

JK1 appears to ignore them!

So is this a defect in JK 1.2.23 or something I need to 'switch-on'?


- Simon Temple



21 June 2007 15:38
To: users@tomcat.apache.org
cc:
From: Simon.Temple@saaconsultants.com
Subject: No X509Certificate Attribute In IIS Redirected Request



Hi,

I'm using:

    IIS V6.0
    JK 1.2.23
    Tomcat 6.0.13

No X509Certificate attribute is present in the request header received by
my servlet when using Client Authenticated SLL with IIS6 and JK1.

If I use Apache 2.2 with the mod_proxy modules it works fine.

Is this a bug?  If so, in what... IIS or JK1?

Does anyone know of a workaround?  Will JK2 fix my problem?

My customer must use IIS... so replacing with Apache is not an option.  :-(


TIA


Simon Temple


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message