Re: Tomcat 4.0 & Apache with Client Certs

jean-frederic clere Tue, 25 Sep 2001 00:51:51 -0700
[EMAIL PROTECTED] wrote:
> 
> Scenario
> 
> I have apache passing any calls to servlets through to Tomcat 4 via
> the mod_webapp connector.
> My Server certificate and my client certificates work fine to allow
> specific users onto the system.
> 
> Problem....Problem....Problem....Problem....Problem....
> 
> In Tomcat 3.2.3 it was possible using AJP13 to access Client
> Certificate information via
> request.getAttribute("javax.servlet.request.X509Certificate") from
> within my tomcat servlet. In Release 4.0 using the warp connector this
> doesn`t appear to be the case. When i debug/view my request object for
> it`s attributes there are none present. No CIPHER_SUITE or
> X509Certificate.

Try with mod_jk of jakarta-tomcat-connectors (SSL is not yet supported in
mod_webapp).

> 
> Please can someone tell me how i should be accessing client
> certificate information from within Tomcat 4.0 via apache.
> 
> My System
> 
> Apache-ssl 1.3
> Tomcat 4.0
> mod_webapp.so
> Linux Redhat 7.1
> 
> Here is an extract of my httpd.conf
> 
> <VirtualHost www.xxxxxxxxxx.co.uk:443>
>         SSLEnable
>         SSLCertificateFile /usr/local/ssl/www.xxxxxxx.crt
>         SSLCertificateKeyFile /usr/local/ssl/www.xxxxxxx.key
>         SSLCACertificateFile /usr/local/ssl/xxxxxxx.pem
>         SSLVerifyClient 2
>         SSLVerifyDepth 10
>         SSLFakeBasicAuth
>         SSLExportClientCertificates
>         SSLCacheServerPort /usr/logs/gcache_port
>         SSLCacheServerPath ./bin/gcache
>         SSLSessionCacheTimeout 30
>         SSLRequiredCiphers RC4-MD5
>         SSLCacheServerPath ./bin/gcache
>         SSLCacheServerPort logs/gcache_port
>         SSLCacheServerRunDir /tmp
>         Serveradmin xxxxxx@xxxxxx
>         ServerName xxxxxxx
>         WebAppConnection warpConnection warp localhost:8008
>         WebAppDeploy testcert warpConnection /testcert/
> </VirtualHost>
> 
> and my server.xml to receive the warp connector
> 
>   <!-- Define an Apache-Connector Service -->
>   <Service name="Tomcat-Apache">
> 
>     <Connector className="org.apache.catalina.connector.warp.WarpConnector"
>      port="8008" minProcessors="5" maxProcessors="75"
>      enableLookups="true" scheme="https" secure="true">
>      acceptCount="10" debug="0"/>
>     </Connector>
> 
>     <!--
>      <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
>      clientAuth="false" protocol="TLS"/>
>     -->
> 
>     <!-- Replace "localhost" with what your Apache "ServerName" is set
> to -->
>     <Engine className="org.apache.catalina.connector.warp.WarpEngine"
>      name="Apache" defaultHost="localhost" debug="0"
> appBase="webapps">
>         .........
> 
> Any help or advise greatly appreciated
> 
> Lee Lovell
Re: Tomcat 4.0 & Apache with Client Certs

Reply via email to
