I am using Tomcat 3.2 beta7 with an IIS web server. My servlet needs the
client certificate. I have configured the redirector, and in my servlet I
can see the following request attributes:
HTTPS_SERVER_SUBJECT
HTTPS_SERVER_ISSUER
CERT_ISSUER
HTTPS_KEYSIZE
HTTPS_SECRETKEYSIZE
CERT_SERIALNUMBER
CERT_COOKIE
CERT_SUBJECT
CERT_FLAGS
How can I get the actual certificate? When I redirect from Apache to
Tomcat, using AJP13, I get a request attribute containing the X509
certificate. I need the same functionality from IIS. Does it exist? (I'm
willing to modify the redirector, if anyone knows how to actually get the
certificate from IIS.)
Many thanks,
Barbara Nelson.
