You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Si...@saaconsultants.com on 2007/06/21 16:38:00 UTC
No X509Certificate Attribute In IIS Redirected Request
Hi,
I'm using:
IIS V6.0
JK 1.2.23
Tomcat 6.0.13
No X509Certificate attribute is present in the request header received by
my servlet when using Client Authenticated SLL with IIS6 and JK1.
If I use Apache 2.2 with the mod_proxy modules it works fine.
Is this a bug? If so, in what... IIS or JK1?
Does anyone know of a workaround? Will JK2 fix my problem?
My customer must use IIS... so replacing with Apache is not an option. :-(
TIA
Simon Temple
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: No X509Certificate Attribute In IIS Redirected Request
Posted by Bill Barker <wb...@wilshire.com>.
<Si...@saaconsultants.com> wrote in message
news:OFCCE0BA07.088C9E9F-ON80257301.004EF6C7-80257301.005062AB@SAAConsultants.com...
>
> Hi,
>
> I'm using:
>
> IIS V6.0
> JK 1.2.23
> Tomcat 6.0.13
>
> No X509Certificate attribute is present in the request header received by
> my servlet when using Client Authenticated SLL with IIS6 and JK1.
>
> If I use Apache 2.2 with the mod_proxy modules it works fine.
>
> Is this a bug? If so, in what... IIS or JK1?
>
Don't know, and I don't have access to an IIS machine to look myself. If
you are using the JK/Java Connector (default if APR isn't installed), then
configuring DEBUG logging for the category 'org.apache.jk' should give you a
request dump that may show if the cert is being sent. Configuring DEBUG
logging on the native JK side should also help see what IIS is giving back
for the cert.
> Does anyone know of a workaround? Will JK2 fix my problem?
>
> My customer must use IIS... so replacing with Apache is not an option.
> :-(
>
>
> TIA
>
>
> Simon Temple
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: No X509Certificate Attribute In IIS Redirected Request
Posted by Rainer Jung <ra...@kippdata.de>.
I never used it. If you have a test system, you could switch you switch
the log level of the isapi plugin to debug and check, if your plugin log
file shows messages containing
Client Certificate encoding
Then you would at least find out, if the plugin detected a client
certificate.
Regards,
Rainer
Simon.Temple@saaconsultants.com wrote:
> Hi,
>
> I'm using:
>
> IIS V6.0
> JK 1.2.23
> Tomcat 6.0.13
>
> No X509Certificate attribute is present in the request header received by
> my servlet when using Client Authenticated SLL with IIS6 and JK1.
>
> If I use Apache 2.2 with the mod_proxy modules it works fine.
>
> Is this a bug? If so, in what... IIS or JK1?
>
> Does anyone know of a workaround? Will JK2 fix my problem?
>
> My customer must use IIS... so replacing with Apache is not an option. :-(
>
>
> TIA
>
>
> Simon Temple
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org