Topic
  • 2 replies
  • Latest Post - ‏2012-12-17T15:07:34Z by SystemAdmin
SystemAdmin
SystemAdmin
590 Posts

Pinned topic is wlp working fine with ssl CLIENT-CERTs?

‏2012-12-13T21:05:17Z |
Hi all, This is my first message to the forum. Pleased to meet you

I'm getting crazy with Liberty Profile and https with CLIENT-CERT

I've configured the ssl on WLP 8.5 and tested it using openssl s_client -cert my client cert -CAfile my server issuer cert

Using a browser everything seems to be ok. The browser ask me to select the certificate to be sent and the server returns the requested page but, into the servlet code, the request.getAttribute("javax.servlet.cert.X509Certificate") method returns null.

This only happens when using the windows version of the server. Linux version works OK

I think it's a bug but i'm here because i'm possibly doing someting wrong. See the attached zip for details, that is:

- server.xml
- servlet code
- web.xml
- openssl s_client input/output
- console messages

Thank you for be there
  • SystemAdmin
    SystemAdmin
    590 Posts

    Re: is wlp working fine with ssl CLIENT-CERTs?

    ‏2012-12-13T23:01:10Z  
    Hi,
    Awesome to see the logs in Spanish for the first time! On your Linux server, do you have the same features? I ask because I was expecting you would need to include appSecurity-1.0 in your feature list for protecting your war file.

    Thanks,
    Elisa
  • SystemAdmin
    SystemAdmin
    590 Posts

    Re: is wlp working fine with ssl CLIENT-CERTs?

    ‏2012-12-17T15:07:34Z  
    Hi,
    Awesome to see the logs in Spanish for the first time! On your Linux server, do you have the same features? I ask because I was expecting you would need to include appSecurity-1.0 in your feature list for protecting your war file.

    Thanks,
    Elisa
    Well, i like to be your first time partner for something. :)

    After reading your post i used the attached files in my linux and the result was correct (the client certifificate was available in the corresponding request attribute).

    It's not easy to understand why this behaviour is diferent when the wlp versions are the same. The only diference is in the JVM. In Linux i'm using the OpenJDK and, in windows, the oracle jdk (always on Java 6). I suposse it's a bug and i'm going to report it when i find the time to provide a testing scenario.

    I'm also surprised to be te first to have this kind of problem

    Thank's, Elisa for your interest