HI, I'm in a similar situation. I had several applications running perfectly
in Tomcat 5.5.20 but when I try to configure the server with the APR and try
to get the certificate list in request only can get the CA certificate (not
the user certificate).
My connector configuration is the following:
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
SSLVerifyClient="require" SSLEngine="on" SSLVerifyDepth="3"
sslProtocol="TLSv1"
SSLOptions="+StdEnvVars +CompatEnvVars +ExportCertData"
SSLCertificateFile="${catalina.base}/conf/localhost_pem.crt"
SSLCertificateKeyFile="${catalina.base}/conf/localhost.key"
SSLCACertificateFile="${catalina.base}/conf/SSLCACertificateFile.pem"
SSLCACertificatePath="${catalina.base}/conf/ssl.crt/"
SSLCertificateChainFile="${catalina.base}/conf/SSLCACertificateFile.pem"
SSLCertificateChainPath="${catalina.base}/conf/ssl.crt/"
SSLCADNRequestFile="${catalina.base}/conf/SSLCACertificateFile.pem"
SSLCADNRequestPath="${catalina.base}/conf/ssl.crt/" />
My test page try to show all variables I've could to think...
======================= JSP ===========================
<%@ page pageEncoding="ISO-8859-1" autoFlush="true" %>
<%@ page contentType="text/html; charset=ISO-8859-1" %>
<%@ page errorPage="/error.jsp" %>
<%@ page import="java.util.*" %>
<%@ page import="java.security.cert.X509Certificate" %>
<%
System.out.println("Informacion de entorno.");
//-- Recogemos parametros
X509Certificate[] userCertificates = (X509Certificate[])
request.getAttribute("javax.servlet.request.X509Certificate");
if ( userCertificates == null ){ throw new Exception("Es necesario un
certificado de Ciudadano para el acceso seguro a la aplicación."); }
StringBuffer sbCer = new StringBuffer();
for( int iUserCerts=0; iUserCerts < userCertificates.length;
iUserCerts++
){
sbCer.append("<p>Certificado[" + iUserCerts + "]:<br>" +
userCertificates[iUserCerts].getSubjectDN().getName() + "</p>");
}
//-- Lectura de Atributos del request
StringBuffer sbAtr = new StringBuffer();
Enumeration en = request.getAttributeNames();
while( en.hasMoreElements() ){
String key = en.nextElement().toString();
Object val = request.getAttribute(key);
sbAtr.append("<p>" + key + ": " + val + "</p>");
}
en = null;
//-- Lectura de Parametros del request
StringBuffer sbPar = new StringBuffer();
en = request.getParameterNames();
while( en.hasMoreElements() ){
String key = en.nextElement().toString();
Object val = request.getParameter(key);
sbPar.append("<p>" + key + ": " + val + "</p>");
}
en = null;
//-- Lectura de Headers del request
StringBuffer sbHea = new StringBuffer();
en = request.getHeaderNames();
while( en.hasMoreElements() ){
String key = en.nextElement().toString();
Object val = request.getHeader(key);
sbHea.append("<p>" + key + ": " + val + "</p>");
}
en = null;
//-- Lectura de Propiedades del Sistema
StringBuffer sbPro = new StringBuffer();
en = System.getProperties().keys();
while( en.hasMoreElements() ){
String key = en.nextElement().toString();
Object val = System.getProperty(key);
sbPro.append("<p>" + key + ": " + val + "</p>");
}
en = null;
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Info</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<table border="1" cellpadding="1" cellspacing="0">
<tr>
<td> CERTIFICADOS:</td>
<td> <%= sbCer.toString() %></td>
</tr>
<tr>
<td> ATRIBUTOS:</td>
<td> <%= sbAtr.toString() %></td>
</tr>
<tr>
<td> PARAMETROS:</td>
<td> <%= sbPar.toString() %></td>
</tr>
<tr>
<td> CABECERAS:</td>
<td> <%= sbHea.toString() %></td>
</tr>
<tr>
<td> SYSTEM:</td>
<td> <%= sbPro.toString() %></td>
</tr>
</table>
</body>
</html>
======================= /JSP ===========================
Any sugestions?
Thanks in advance!!
Сергей Ковтун wrote:
>
> В , Caldarale, Charles R <[EMAIL PROTECTED]> писал:
>
>> SSL configuration is different with APR (tcnative-1.dll).
> I have adjusted and now all works, for exception of one
> now I cannot obtain the data of the certificate of the client in "Servlet"
> "X509Certificate [] cr = (X509Certificate[])
> request.getAttribute("javax.servlet.request.X509Certificate");"
> always returns "null". Since the given attribute does not exist any more
> in "request"
> I do not know as to me now to obtain the data on connection :(
>
> To me who is necessary to know has incorporated at present, and here it is
> not enough IP address, the data of the certificate are necessary for me.
> Without tcnative I could obtain these data
>
> Best regards,
> Sergey Kowtoon
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/some-bug-tf2479825.html#a7097893
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
