[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[jetty-users] How to configure Jetty 9 so x509 client certificate is transferred in https requests?
|
Hello all,
I'm trying to setup Jetty 9 so that client certificate is passed with
HTTPs requests.
I followed current instructions when setting up ssl (including
certificates generation):
http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html.
I also have a dummy client certificate that I added to my FireFox
certificates.
My very basic simple servlet that prints out value of
request.getAttribute( "javax.servlet.request.X509Certificate" );
always prints null back instead of Object reference. The odd thing is
that server doesn't "ask" for user certificate when I call servlet
(i.o.w. there is no popup "select certificate", as it is for instance
when I connect to Apache's ssl connection) via
https://myserver:8443/simple-servlet.
I have a working setup with Jetty 6.1.26 and AJP connector (so request
chain looks like Apache:443 -> Jetty's AJP:8009). In this environment,
the same servlet outputs an Object reference (naturally, url is slightly
different, https://myserver:443/simple-servlet).
I wonder whether I'm missing something in my Jetty 9 ssl/https
configuration files? So far I only found a number of references to
setting "NeedClientAuth" property to true for SslContextFactory, but
doing that only causes the request to be aborted by Jetty (nothing gets
logged in stderr, but I can see that in Firebug's NET tab).
It also is very possible I'm missing something obvious, or trying to do
something that is impossible -- this area is fairly new to me.
I can provide my current config files if that's needed.
Thanks in advance,
Alex-