Thanks, Bruno. I am using the Client certificate authentication method. It does look like the best way to do it is to place a ChallengeAuthenticator in front of my resource to ensure there is Certifiate authorization. Does that sound right?
Thank you, Dustin Bruno Harbulot wrote: > Hi Dustin, > > If you're running within Tomcat (or other servlet containers), it's > Tomcat that deals with the SSL connector, not the Restlet connector. > Therefore, this setup has nothing to do with what's on the Restlet wiki > regarding SslContextFactories (which are only for connections with a > direct connector in Restlet). You should follow the Tomcat SSL > documentation for this instead. > > If you want to use client-certificate authentication, the Servlet > connector (of Restlet) relays the certificate chain (same as with the > other connectors), so you can get it from the > "org.restlet.https.clientCertificates" attribute in the Request: this is > a List of certificates (whereas "javax.servlet.request.X509Certificate" > is an array in Servlets). > > Best wishes, > > Bruno. > > Dustin N. Jenkins wrote: > >> I'm using Java 1.6, RESTlet 2.0M6, Tomcat 6.0.20, on a Linux system. >> >> My Tomcat runs a Connector on port 8443 to support HTTPS connections, >> and my Apache configuration is proxying to it. It's not using the AJP, >> but just with Redirects. >> >> I'm not sure how to setup SSL Certificates with my REST application. >> For the BASIC authentication with HTTP, one would use a ChallengeGuard, >> for example, but with HTTPS, do we still need a Guard in place to check >> for certificates? >> >> The setup has me confused too. See here: >> http://wiki.restlet.org/docs_2.0/13-restlet/28-restlet/153-restlet.html >> >> Do I need to configure a Server bean to look on the 8443 port that >> Tomcat already has open? I assume a SSLContextFactory of some kind >> needs to be configured. >> >> Has anyone got HTTPS Certificates working? Is there a guide for it? >> >> Thanks, >> Dustin >> > > ------------------------------------------------------ > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2425568 > -- Dustin N. Jenkins | Tel/Tél: 250.363.3101 | dustin.jenk...@nrc-cnrc.gc.ca facsimile/télécopieur: (250) 363-0045 National Research Council Canada | 5071 West Saanich Rd, Victoria BC. V9E 2E7 Conseil national de recherches Canada | 5071, ch. West Saanich, Victoria (C.-B) V9E 2E7 Government of Canada | Gouvernement du Canada ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2426030
