This week's book giveaway is in the JavaScript forum.
We're giving away four copies of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js and have Paul Jensen on-line!
See this thread for details.
Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Cannot retrieve client cert when requesting javax.net.ssl.peer_certificates  RSS feed

 
Bryan Pan
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I am upgrading from Tomcat 6.0.18 to 7.0.21 (32-bit Win zip).

Previously, when requesting a client certificate I would use:

X509Certificate[] certs = (X509Certificate[])req.getAttribute("javax.net.ssl.peer_certificates");

However, after upgrading to 7.0.21 this no longer works. Instead it returns null.

However, I can retrieve the client certificate when I use:

X509Certificate[] certs = (X509Certificate[])req.getAttribute("javax.servlet.request.X509Certificate");

I'm curious as to why the javax.net.ssl.peer_certificates parameter no longer works in this case. Is it an issue cause by a Tomcat regression change?
Also I have only been able to find a reference to it in the 2.1 servlet specification. However, while using tomcat 6.0.18 I was using servlet 2.5.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!