I am using Tomcat 3.2 beta7 with an IIS web server. My servlet needs the client certificate. I have configured the redirector, and in my servlet I can see the following request attributes:

    HTTPS_SERVER_SUBJECT
    HTTPS_SERVER_ISSUER
    CERT_ISSUER
    HTTPS_KEYSIZE
    HTTPS_SECRETKEYSIZE
    CERT_SERIALNUMBER
    CERT_COOKIE
    CERT_SUBJECT
    CERT_FLAGS

How can I get the actual certificate?

When I redirect from Apache to Tomcat, using AJP13, I get a request attribute containing the X509 certificate. I need the same functionality from IIS. Does it exist? (I'm willing to modify the redirector, if anyone knows how to actually get the certificate from IIS.)

Many thanks,
Barbara Nelson.