Hi –
I am porting some code from Jetty 7 to Jetty 9.2, and trying to extract both local and peer certificates. In 7, I had some code that did this in a fairly straightforward way …
    void getTlsCerts(Request servletRequest) {
        // Walk from the request to its connection endpoint to reach the TLS session.
        EndPoint endpoint = servletRequest.getConnection().getEndPoint();
        SSLSession session = null;
        if (endpoint instanceof SslEndPoint) {
            session = ((SslEndPoint) endpoint).getSslEngine().getSession();
        }
        if (session != null) {
            Certificate[] peerCerts = null;
            // Certificates this side presented during the handshake.
            Certificate[] localCerts = session.getLocalCertificates();
            try {
                // Throws if the peer did not present a verified certificate chain.
                peerCerts = session.getPeerCertificates();
            }
            catch (SSLPeerUnverifiedException e) {
                log.debug("Peer unverified while attempting to extract peer certificates.", e);
            }
            // do stuff with certs
        }
    }
But in Jetty 9, there’s no way that I can find to start with a Request and end up with an SSLSession. I can get one of the certs using something like this:
    X509Certificate[] certs = (X509Certificate[]) servletRequest.getAttribute("javax.servlet.request.X509Certificate");
But then how do I get the other?
Thanks, any help would be appreciated.
Stephen W. Chappell