Well, the basics are simple:
import java.security.cert.X509Certificate;
.....
X509Certificate [] certs = (X509Certificate
[])request.getAttribute("javax.servlet.request.X509Certificate");
Now comes the hard part :-). certs[0] is always the clients certificate.
For the HTTP/1.1 connector (Coyote or otherwise), the remaining elements in
the array are the signers. For the Ajp13 connector (Coyote or otherwise),
certs.length = 1, and the signers are not available. Also, if you haven't
separately configured Apache/IIS/iPlanet to request the cert, then certs ==
null.
"Mark W. Webb" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I need to get the user certificate that the user's browser sends to the
> server in order to set up a mutually authenticated SSL connection. Will
> a non-SSL connector be able to perform this if I run tomcat with apache
> 2.0.44?
>
> Does anyone have any experience with SSL and tomcat? I am having a
> really hard time with this. I would appreciate it greatly if someone
> could help me out with this.
>
> Thank you.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
