CODEWITHSUNDEEP
javaspringcertificatex509
MissBonbon
MissBonbon

Reputation: 161

Spring Boot - Reading x509 client certificate from HTTP request

How to receive a x509 certificate from client? I'm using Java's Spring-Boot-Framework with embedded tomcat. For protyping I configured this with Java SE:

HttpsExchange httpsExchange = (HttpsExchange) httpReq;

name = httpsExchange.getSSLSession().getPeerPrincipal().getName();

A user gave me a reference to do this here (down below)

@RequestMapping(value = "/grab")
public void grabCert(HttpServletRequest servletRequest) {
    Certificate[] certs = 
            (Certificate[]) servletRequest.getAttribute("javax.servlet.request.X509Certificate");
}

But I'm not able to get some certificate! Maybe because I'm using tomcat, and it is handling all SSL-Connections. So that no certificate is receiving my application. What I have to do, to get the clients certificate? The client certificate is used to get https connection. I need some information from the subject of the certificate. Thanks.

Upvotes: 7

Views: 17965

Answers (2)

Andy Brown
Andy Brown

Reputation: 12999

When you upgrade to Spring Boot 3.x the servlet request attribute has been renamed to be consistent with the renamed javax to jakarta packages. So now it's:

request.getAttribute("jakarta.servlet.request.X509Certificate")

Upvotes: 3

djointster
djointster

Reputation: 356

You have to get it from the HttpServletRequest.

You can check the answer to this question: How to get the certificate into the X509 filter (Spring Security)?:

No you can't get it that way. You need to grab it from the HttpServletRequest:

X509Certificate[] certs = (X509Certificate[])HttpServletRequest.getAttribute("javax.servlet.request.X509Certificate");

This was the post I was trying to point you to, written by Gandalf.

And this was the original question

Upvotes: 8

Related Questions