Hi all.
I don't find information about integrate Apache+Tomcat+SSL
I can't retrieval client certificate from my servlet
Can anybody help me?
I have apache2.0 with ssl configure such as:
*************************************
.....
SSLVerifyClient optional
SSLOptions +ExportCertData +StdEnvVars
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
WebAppConnection conn warp localhost:8008
WebAppDeploy app conn /app
</VirtualHost>
************************************************************
I have server.xml such as:
*************************************************************
<!-- Define an Apache-Connector Service -->
<Service name="Tomcat-Apache">
<Connector className="org.apache.catalina.connector.warp.WarpConnector"
port="8008" minProcessors="5" maxProcessors="75"
enableLookups="true" appBase="/usr/local/apache2/pki-piscis/"
acceptCount="10" debug="0" scheme="https" secure="true" />
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="true" protocol="SSL"/>
<!-- Replace "localhost" with what your Apache "ServerName" is set
to -->
<Engine className="org.apache.catalina.connector.warp.WarpEngine"
name="london.dif.um.es" debug="0">
<!-- Global logger unless overridden at lower levels -->
<Logger className="org.apache.catalina.logger.FileLogger"
prefix="apache_log." suffix=".txt"
timestamp="true"/>
<!-- Because this Realm is here, an instance will be shared
globally -->
<Realm className="org.apache.catalina.realm.MemoryRealm" />
</Engine>
</Service>
****************************************************************
And in my servlet I use:
Object obj =req.getAttribute("javax.servlet.request.X509Certificate");
but always return null
****************************************************************
Any idea?
Thanks a lot, Gabi.
--
-------------------------------------------------
Gabriel Lopez Millan - Grupo ANTS-CIRCuS
Facultad de Informática
Universidad de Murcia (España) Tfo: +34 968367645
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
