Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] HTTPS with client certificate


I've got a problem with embbeding jetty 7.1.6.

The Jetty is setup to server SSL secured HTTPConnection,
where the user has to authenticate himself, via his
certificate from a PKI card.

This works like a charm, my problem start with the fine
tuning. Lets assume that the server where jetty runs
has a DNS named like this:


If the user request this server via this URL


The browser fetches the server certificate, which
is issued for jetty.domain.tld and everything works
like it should.

But because the server should be running internally
many user will access the server with this URL:


And there comes now trouble some step, because the
browser request jetty and it doesn't match with the
server from the certificate, the browser issues a warning.

To avoid this i thought about something to tell jetty
to redirect request, which are directed the full DNS
name, to jetty.domain.tld.

I tried various solutions, which all failed, because
the SSLEngine is always instantiated before i can hook
in, and throws somewhere a SSLException with bad certificate.

The following i tried:

 * Overwrite the customize method of the SSLSellectChannleConnector

* Place a custom Handler between the Server class and the ContextHandlerCollection.

And search to Google failed. And now i have no clue where to go further
any help is appreciate.

best regards

Max Larsson



Max Larsson
facilityboss GmbH
Rheinstrasse 75, 64295 Darmstadt / Germany
Handelsregister Darmstadt, HRB 86193
Geschäftsführer: Dipl.-Inform. Larsson

Fax:   +49 6151 869 278
Mobil: +49 179 2184428
Email: max.larsson@xxxxxxxxxxxxxxxx

fn:Max Larsson

Back to the top