On Mon, 17 Sep 2001, jean-frederic clere wrote:
> Date: Mon, 17 Sep 2001 19:00:06 +0200
> From: jean-frederic clere <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED], [EMAIL PROTECTED]
> To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> Subject: SSL Attributes
>
> Hi,
>
> I have patched mod_jk for TC4.0 so that the SSL Attributes follow the spec's
> (SRV.4.7).
> I have not found anything in the 2.2 spec's about it.
>
> I have noted that the "javax.servlet.cert.X509Certificate" of TC3.3 is a String
> not an array of java.servlet.request.X509Certificate.
>
> What should we do?:
> 1 - Update TC3.3 code so that is compatible with 2.3 spec's.
> 2 - Document in tomcat-ssl-howto.html that in TC3.3
> "javax.servlet.cert.X509Certificate" is a String and add an example how to use
> it.
>
> I prefer 2.
>
Even in the 2.2 spec, this was required to be an array of certificates.
What did Tomcat 3.2 do? If 3.2 does it right, this would seem to be a
regression.
> Cheers
>
> Jean-frederic
>
> Note:
> javax.servlet.cert.X509Certificate is in JSSE.
> java.servlet.cert.X509Certificate is in JDK (even in 1.2.2).
>
Not only that, the JSSE version doesn't even inherit from the JDK version
:-(. When using JSSE (i.e. in Tomcat stand-alone) you have to convert the
certificates manually.
Craig
