>Even in the 2.2 spec, this was required to be an array of certificates.
>
>What did Tomcat 3.2 do? If 3.2 does it right, this would seem to be a
>regression.
TC 3.2 also have it like a string and it's bad.
I'm strongly to have TC 3.3 handling as indicated by SPEC.
>> Cheers
>>
>> Jean-frederic
>>
>> Note:
>> javax.servlet.cert.X509Certificate is in JSSE.
>> java.servlet.cert.X509Certificate is in JDK (even in 1.2.2).
>>
>
>Not only that, the JSSE version doesn't even inherit from the
>JDK version
>:-(. When using JSSE (i.e. in Tomcat stand-alone) you have to
>convert the
>certificates manually.
I've got question not really well covered in spec.
When you got the X509Certificate, you got the certificate
presented by Browser ? So only one certificate isnt'it ?
That's currently what mod_ssl present :)
