User Certificate is Null in HTTPServletRequest
I am running a servlet in Weblogic 10.3 with two-way SSL enabled. When I try to get the following attributes from the HTTPServletRequest, both are null:
- javax.servlet.request.X509Certificate
- weblogic.servlet.request.SSLSession
How then do I access the user's certificate from the servlet? I have searched online with no l开发者_运维技巧uck.
I would take a look at how your keystore is set up. From my experience, this kind of error can occur if the user's or server's signed certificate isn't imported into the keystore correctly.
To verify this, run keytool on your keystore to determine which alias in the keystore contains a private key. Then, take a look at that alias and see if it has the signed (approved) certificate associated with it, or if the signed certificate has another alias associated with it.
This kind of error is common when using applications which will only look for a specific alias in your keystore for validation. Normally this is configurable so that you can ensure that your certificates all have unique "names" in the certificate. It is common, for example, to use a linux box' hostname in the certificate name, and then to create an alias that is the hostname.
精彩评论