"Clere, Jean-Frederic" wrote:
>
> Hi,
>
> I have patched mod_jk for TC4.0 so that the SSL Attributes follow the spec's
> (SRV.4.7).
> I have not found anything in the 2.2 spec's about it.
>
> I have noted that the "javax.servlet.cert.X509Certificate" of TC3.3 is a String
> not an array of java.servlet.request.X509Certificate.
>
> What should we do?:
> 1 - Update TC3.3 code so that is compatible with 2.3 spec's.
> 2 - Document in tomcat-ssl-howto.html that in TC3.3
> "javax.servlet.cert.X509Certificate" is a String and add an example how to use
> it.
>
> I prefer 2.
>
> Cheers
>
> Jean-frederic
>
> Note:
> javax.servlet.cert.X509Certificate is in JSSE.
> java.servlet.cert.X509Certificate is in JDK (even in 1.2.2).
I have found it the 2.2 Spec's (5.7 SSL Attributes).
Now I have started to fix Ajp13 in jakarta-tomcat so that it follows the spec's.
For the moment I will only return the first certificate. Returning the complete
chain is quite a lot of data and it is probably useless for applications.
