12 Replies Latest reply on Oct 17, 2002 8:19 AM by mantos

    get X509Certificate with Tomcat ?

    araujo


      Hi,

      i'm using jboss 3.0 with tomcat 4.0.3, and i have configure tomcat (tomcat4-service.xml) to accept ssl connections. I'm using a client that is connecting to the tomcat and that is presenting his certificate. There is no problem with the connection, but when i try to get the information of the certificate in the servlet:

      X509Certificate cert = (X509Certificate) httpRequest.getAttribute("javax.servlet.request.X509Certificate");

      the variable cert is always null.

      Any idea ? Do i have to export any variables in the tomcat configuration file (if yes, how can i do that) ?

      Thanks very much for your help

      Regards

      .david





        • 1. Re: get X509Certificate with Tomcat ?
          bierstuebl

          I got nearly the same problem!!
          No one seems to have a solution for that.

          I also get a ClassCastException, but the Object i get returned from getAttribute("javax.servlet.request.X509Certificate") is not null.

          At least i can ask it, what type it is by

          req.getAttribute("javax.servlet.request.X509Certificate").getClass().toString());

          This tells me, that it is an Object of type javax.security.cert.X509Certificate !!!

          But when I try to cast it into an X509Certificate, theres always a ClassCastException. How can that be?

          If anyone has got an idea, please post it, i'm desperatly in need of a solution !

          Thank you, Bierstuebl

          • 2. Re: get X509Certificate with Tomcat ?
            araujo

            Hi,

            have you done anything in the tomcat config file (tomcat4-service.xml) for getting access to that
            javax.security.cert.X509Certificate object ?

            In the tomcat4-service.xml do you have something like this :

            <!-- SSL/TLS Connector configuration using the SSL domain keystore (Server authentication) -->




            Thanks

            .david

            • 3. Re: get X509Certificate with Tomcat ?
              araujo


              Hi,

              have you done anything in the tomcat config file (tomcat4-service.xml) for getting access to that
              javax.security.cert.X509Certificate object ?

              In the tomcat4-service.xml do you have something like this :

              <!-- SSL/TLS Connector configuration using the SSL domain keystore (Server authentication) -->




              Thanks

              .david

              • 4. Re: get X509Certificate with Tomcat ?
                araujo

                Hi,

                have you done anything in the tomcat config file (tomcat4-service.xml) for getting access to that
                javax.security.cert.X509Certificate object ?

                In the tomcat4-service.xml do you have something like this :

                <!-- SSL/TLS Connector configuration using the SSL domain keystore (Server authentication) -->




                Thanks

                .david

                • 5. Re: get X509Certificate with Tomcat ?
                  araujo


                  Hi,

                  have you done anything in the tomcat config file (tomcat4-service.xml) for getting access to that
                  javax.security.cert.X509Certificate object ?

                  In the tomcat4-service.xml do you have something like this :

                  <!-- SSL/TLS Connector configuration using the SSL domain keystore (Server authentication) -->




                  Thanks

                  .david

                  • 6. Re: get X509Certificate with Tomcat ?
                    araujo

                    Hi,

                    have you done anything in the tomcat config file (tomcat4-service.xml) for getting access to that
                    javax.security.cert.X509Certificate object ?

                    In the tomcat4-service.xml do you have something like this :

                    <!-- SSL/TLS Connector configuration using the SSL domain keystore (Server authentication) -->




                    Thanks

                    .david

                    • 7. Re: get X509Certificate with Tomcat ?
                      araujo

                      Hi,

                      have you done anything in the tomcat config file (tomcat4-service.xml) for getting access to that
                      javax.security.cert.X509Certificate object ?

                      In the tomcat4-service.xml do you have something like this :

                      <!-- SSL/TLS Connector configuration using the SSL domain keystore (Server authentication) -->




                      Thanks

                      .david

                      • 8. Re: get X509Certificate with Tomcat ?
                        araujo

                        Hi,

                        have you done anything in the tomcat config file (tomcat4-service.xml) for getting access to that
                        javax.security.cert.X509Certificate object ?

                        In the tomcat4-service.xml do you have something like this :

                        <!-- SSL/TLS Connector configuration using the SSL domain keystore (Server authentication) -->




                        Thanks

                        .david

                        • 9. Re: get X509Certificate with Tomcat ?
                          araujo

                          Hi,

                          have you done anything in the tomcat config file (tomcat4-service.xml) for getting access to that
                          javax.security.cert.X509Certificate object ?

                          In the tomcat4-service.xml do you have something like this :

                          <!-- SSL/TLS Connector configuration using the SSL domain keystore (Server authentication) -->




                          Thanks

                          .david

                          • 10. Re: get X509Certificate with Tomcat ?
                            cconway

                            When you do your cast, use the fully qualified class name to make sure you aren't picking up another class with the name X509Certificate.

                            javax.security.cert.X509Certificate cert = (javax.security.cert.X509Certificate )attribute;

                            You can check your imports to see if you're importing two classes with the same name.

                            • 11. Re: get X509Certificate with Tomcat ?
                              cconway

                              I retract my previous post. I am trying to enable SSL and I am also getting a ClassCastException. Its comming from the server not my code.

                              Did you ever figure out how to get around the ClassCastException?

                              • 12. Re: get X509Certificate with Tomcat ?
                                mantos

                                this is the correct cast

                                java.security.cert.X509Certificate [] certs = (java.security.cert.X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");