Hey all,
I'm trying to access the certificate that the user has sent to
authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly
exports the Certificate to the "SSL_CLIENT_CERT" environment variable, but
when I try to read "javax.servlet.request.X509Certificate", Tomcat always
returns null. The list of attributes is always empty.
I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID,
JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set
JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've
disabled everything else.
What am I missing here? Any help greatly appreciated!
Thanks in advance,
Christoph.