Reputation: 1
Tomcat SSL_CLIENT_S_DN Request Header
I have a webapp running within a Tomcat instance (9.0.31) in which I need specific HTTPS header requests from the HttpServletRequest. However it appears the HttpServletRequest does not have the specific request such as SSL_CLIENT_S_DN.
I have enabled clientAuth="true" inside the Tomcat server.xml file.
It should be noted that I am NOT proxying the request via Apache HTTPD and as such adding the follow to /etc/httpd/conf.d/ssl.conf is not possible.
RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
Upvotes: 0
Views: 827
Answers (1)
Reputation: 1
After a fair amount of research I am unclear if a HeaderRequest SSL_CLIENT_S_DN even exists in Tomcat.
For clarification I originally attempted the following
HttpServletRequest request = <HttpServletRequest Object>
String certDN = request.getHeader("SSL_CLIENT_S_DN");
Since SSL_CLIENT_S_DN did not exist, this would results in an empty or null string.
Instead I had to make a call to getAttribute() to retrieve the certificate information that way.
HttpServletRequest request = <HttpServletRequest Object>
X509Certificate certs[] = (X509Certificate[])request.getAttribute("javax.servlet.request.X509Certificate")
for (X509Certificate cert : certs)
{
sys.stdout.print("Issuer DN [" + cert.getIssuerDN() + "]");
}
Upvotes: 0
Related Questions
- Tomcat and SSL Client certificate
- Tomcat Client Authentication using SSL
- Client's certificate authentication issue in Tomcat in 7.0.100+
- Tomcat + SSL configuration + Client
- SSL Tomcat Configuration
- Hitting Tomcat HTTPS URL with a Java Client
- Get client certificate DN in tomcat
- org.apache.coyote.http11.AbstractHttp11Processor.process Error parsing HTTP request header
- Configuring SSL with tomcat
- tomcat ssl client handshake java error