Try: X509Certificate [] certs = (X509Certificate [])request.getAttribute("javax.servlet.request.X509Certificate");
"Elif Akten" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > I have been trying to get SSL client certificate during a client > authenticated SSL session. I am using Apache 2.0 with Tomcat 4.1.27. > Everything works succesfully: when I want to open a SSL protected JSP page > my browser asks for my client certificate and verifies it. But when I try to > get client certificate using request.getHeader("SSL_CLIENT_CERT") it returns > null. Also request.getAuthType() and request.getUserPrincipal() return null > value. Following is the relevant part from our httpd.conf file: > > <VirtualHost dune.net:443> > SSLEngine On > SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL > SSLCertificateFile conf/ssl/server.crt > SSLCertificateKeyFile conf/ssl/server.key > > JkExtractSSL On > JkHTTPSIndicator HTTPS > JkSESSIONIndicator SSL_SESSION_ID > JkCIPHERIndicator SSL_CIPHER > JkCERTSIndicator SSL_CLIENT_CERT > </VirtualHost> > > SSLVerifyClient require > SSLVerifyDepth 2 > SSLCACertificateFile "C:/Program Files/Apache Group/Apache2/conf/ssl/ca.cer" > SSLCACertificatePath "C:/Program Files/Apache Group/Apache2/conf/ssl" > SSLCACertificateFile "C:/Program Files/Apache > Group/Apache2/conf/ssl/rootca.cer" > > <IfModule !mod_jk.c> > LoadModule jk_module "C:/Program Files/Apache > Group/Apache2/modules/mod_jk.dll" > </IfModule> > > JkWorkersFile "C:/Program Files/Apache Tomcat 4.0/conf/workers.properties" > JkLogFile "C:/Program Files/Apache Tomcat 4.0/logs/mod_jk.log" > JkLogLevel info > JkMount /examples/* ajp13 > > Also our ssl.conf file includes the following lines : > > SSLOptions +StdEnvVars +ExportCertData > JkOptions +ForwardKeySize +ForwardURICompat +ForwardDirectories > JkMount /demo/* ajp13 > JkExtractSSL On > JkEnvVar SSL_CLIENT_CERT "<UNSET>" > > What should I do to read the client certificate? Any help is welcome... > > _________________________________________________________________ > The new MSN 8: advanced junk mail protection and 2 months FREE* > http://join.msn.com/?page=features/junkmail --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]