Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Cannot retrieve client cert when requesting javax.net.ssl.peer_certificates

 
Bryan Pan
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I am upgrading from Tomcat 6.0.18 to 7.0.21 (32-bit Win zip).

Previously, when requesting a client certificate I would use:

X509Certificate[] certs = (X509Certificate[])req.getAttribute("javax.net.ssl.peer_certificates");

However, after upgrading to 7.0.21 this no longer works. Instead it returns null.

However, I can retrieve the client certificate when I use:

X509Certificate[] certs = (X509Certificate[])req.getAttribute("javax.servlet.request.X509Certificate");

I'm curious as to why the javax.net.ssl.peer_certificates parameter no longer works in this case. Is it an issue cause by a Tomcat regression change?
Also I have only been able to find a reference to it in the 2.1 servlet specification. However, while using tomcat 6.0.18 I was using servlet 2.5.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic