Hi all, This is my first message to the forum. Pleased to meet you
I'm getting crazy with Liberty Profile and https with CLIENT-CERT
I've configured the ssl on WLP 8.5 and tested it using openssl s_client -cert my client cert -CAfile my server issuer cert
Using a browser everything seems to be ok. The browser ask me to select the certificate to be sent and the server returns the requested page but, into the servlet code, the request.getAttribute("javax.servlet.cert.X509Certificate") method returns null.
This only happens when using the windows version of the server. Linux version works OK
I think it's a bug but i'm here because i'm possibly doing someting wrong. See the attached zip for details, that is:
- servlet code
- openssl s_client input/output
- console messages
Thank you for be there
This topic has been locked.
2 replies Latest Post - 2012-12-17T15:07:34Z by SystemAdmin
Pinned topic is wlp working fine with ssl CLIENT-CERTs?
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Re: is wlp working fine with ssl CLIENT-CERTs?2012-12-13T23:01:10Z in response to SystemAdminHi,
Awesome to see the logs in Spanish for the first time! On your Linux server, do you have the same features? I ask because I was expecting you would need to include appSecurity-1.0 in your feature list for protecting your war file.
Re: is wlp working fine with ssl CLIENT-CERTs?2012-12-17T15:07:34Z in response to SystemAdminWell, i like to be your first time partner for something. :)
After reading your post i used the attached files in my linux and the result was correct (the client certifificate was available in the corresponding request attribute).
It's not easy to understand why this behaviour is diferent when the wlp versions are the same. The only diference is in the JVM. In Linux i'm using the OpenJDK and, in windows, the oracle jdk (always on Java 6). I suposse it's a bug and i'm going to report it when i find the time to provide a testing scenario.
I'm also surprised to be te first to have this kind of problem
Thank's, Elisa for your interest