https://bz.apache.org/bugzilla/show_bug.cgi?id=64353
Bug ID: 64353
Summary: Add support for accessing server certificate from TLS
context
Product: Tomcat 10
Version: 10.0.0-M4
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Connectors
Assignee: dev@tomcat.apache.org
Reporter: micha...@apache.org
Target Milestone: ------
Based on this discussion:
https://www.mail-archive.com/users@tomcat.apache.org/msg134872.html
There should be an option to access the used server certificate from the
current request being served by one TLS context. As easy as:
request.getAttribute("magic_name")
Return would be, similar to client certs, X509Certificate or X509Certificate[].
This requires these changes (non-exhaustive):
* SSLSupport implementations
* Define a new property in SSLSupport and org.apache.catalina.Globals for the
server cert
* org.apache.catalina.util.TLSUtil.isTLSRequestAttribute(String) and its
callers
* org.apache.coyote.AbstractProcessor.populateSslRequestAttributes() to add new
attribute to the request
* SSLValve to read server cert from reverse proxy, CGI var SSL_SERVER_CERT
* AJP and friends to deliver this piece of information
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
