You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Joao Cerdeira <jo...@multicert.com> on 2002/12/13 12:31:24 UTC
Problem Obteining the certicate Chain with Apache+mod_jk+tomcat
HI,
I Have:
Apache 1.3.27-10
mod_ssl 2.8.7-4
modutils 2.4.14-3
mod_jk 1.3-1.0-1.4.0.2
tomcat 4.0.3
* This is my JK mounk config:
*
JkEnvVar SSL_CLIENT_CERT SSL_CLIENT_CERT
JkMount /dgt/* ajp13
JkEnvVar SSL_CLIENT_CERT_CHAIN_0 SSL_CLIENT_CERT_CHAIN_0
<Location /servlets>
SSLRequire true
SSLOptions +StdEnvVars +ExportCertData
SSLVerifyClient require
SSLVerifyDepth 10
</Location>
*
And this what i'm trying ti do:*
X509Certificate[] certs =
(X509Certificate[])
request.getAttribute("javax.servlet.request.X509Certificate");
*And the problem
*
i'm trying to do a https client side connection.
the certs array just have 1 certificate
but my certificate chain installed in the browser have 3 certificates.
To debug the problem i make a cgi to print vars, but in the result are:
........................
SSL_CLIENT_A_SIG="sha1WithRSAEncryption"
SSL_CLIENT_CERT="-----BEGIN CERTIFICATE-----\nMIIF5jCCB ............................
SSL_CLIENT_CERT_CHAIN_0="-----BEGIN CERTIFICATE-----\nMIID7TCCA1ag ..............................
OK i discovered another problem my apache only give me 2 of the 3
certificates.
Apache don't give me the root certificate of my chain.
*My question:*
What i must do, to obtein all the certificates ????
thanks for reading my question
answer if you know please
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>