The SSL support in 4.1.12 is broken with JVM 1.4.x.  You need to copy
http://gump.covalent.net/jars/latest/jakarta-tomcat-connectors/tomcat-utils.jar
to $CATALINA_HOME/server/lib to fix (or wait, hopefully not long, for
4.1.13).

This only fixes the CoyoteConnector.  The (deprecated) HttpConnector is
likely to remain broken for all time.

"Ma, Yongjie" <[EMAIL PROTECTED]> wrote in message
news:EE25536746703C47BB395D3EB2549CD6759B58@usilms22.ca.com...
Hi

Tomcat 4.1.12, Java JDK 1.4

I set up my Tomcat + SSL and installed a personal certificate for the IE
browser. I also set clientAuth="true" in the SSL connector section of
server.xml.

Then I started Tomcat. The browser with the personal certificate could access
the Tomcat example page via SSL, and the browser without a certificate cannot
access it. It works fine at this point.

But in my servlet I tried using
req.getAttribute("javax.servlet.request.X509Certificate") to get the client
certificate information, but it always returns null. I tried to type cast it
to String, Object or (javax.security.cert.X509Certificate), but I got a type
cast exception; I guess it was caused by trying to type cast a NULL object.
The code looks like:
        X509Certificate certs[] = (X509Certificate[])
            request.getRequest().getAttribute(Globals.CERTIFICATES_ATTR);

And I tried to debug Tomcat: in the class
org.apache.catalina.valves.CertificatesValve, it did call setAttribute() to
set javax.servlet.request.X509Certificate, and x509Certs is not null. The code
looks like:

        // Expose these certificates as a request attribute
        if ((x509Certs == null) || (x509Certs.length < 1))
            return;
        session.putValue(Globals.CERTIFICATES_ATTR, x509Certs);
        log(" expose: Exposing converted certificates");
        request.getRequest().setAttribute(Globals.CERTIFICATES_ATTR,
                                          x509Certs);

Any idea?

Thank you.

Jack
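
Added example, not part of the original thread or of Tomcat's code: a servlet that reads the attribute discussed above defensively and fails closed when no certificate is exposed. It assumes the container follows the Servlet specification, which defines the attribute value as an array of java.security.cert.X509Certificate; the names ClientCertServlet and clientChain are hypothetical.

```java
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical servlet for illustration; not Tomcat code.
public class ClientCertServlet extends HttpServlet {

    private static final String CERT_ATTR = "javax.servlet.request.X509Certificate";

    /** Returns the client chain (leaf first), or null if none was exposed. */
    static X509Certificate[] clientChain(HttpServletRequest req) {
        Object attr = req.getAttribute(CERT_ATTR);
        // instanceof is false for null and for any unexpected type, so a
        // missing or mistyped value is rejected here instead of failing later.
        if (!(attr instanceof X509Certificate[])) {
            return null;
        }
        X509Certificate[] chain = (X509Certificate[]) attr;
        return chain.length == 0 ? null : chain;
    }

    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        X509Certificate[] chain = clientChain(req);
        if (!req.isSecure() || chain == null) {
            // Fail closed: a request without an exposed certificate is refused.
            resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Client certificate required");
            return;
        }
        X509Certificate leaf = chain[0];
        try {
            // Checks the validity period only; chain trust is decided by the
            // connector's TLS handshake when clientAuth="true".
            leaf.checkValidity();
        } catch (CertificateException e) {
            resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Client certificate not valid");
            return;
        }
        resp.setContentType("text/plain");
        resp.getWriter().println("Subject: " + leaf.getSubjectX500Principal().getName());
        resp.getWriter().println("Issuer:  " + leaf.getIssuerX500Principal().getName());
        resp.getWriter().println("Serial:  " + leaf.getSerialNumber().toString(16));
    }
}
```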







