You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Barbara Nelson <bn...@extricity.com> on 2000/11/18 03:48:55 UTC

IIS and client certificates

I am using Tomcat 3.2 beta7 with an IIS web server.  My servlet needs the
client certificate.  I have configured the redirector, and in my servlet I
can see the following request attributes:
HTTPS_SERVER_SUBJECT
HTTPS_SERVER_ISSUER
CERT_ISSUER
HTTPS_KEYSIZE
HTTPS_SECRETKEYSIZE
CERT_SERIALNUMBER
CERT_COOKIE
CERT_SUBJECT
CERT_FLAGS

How can I get the actual certificate?  When I redirect from Apache to
Tomcat, using AJP13, I get a request attribute containing the X509
certificate. I need the same functionality from IIS.  Does it exist?  (I'm
willing to modify the redirector, if anyone knows how to actually get the
certificate from IIS.)

Many thanks,
Barbara Nelson.