HTTPServletRequest中的用户证书为空
[英]User Certificate is Null in HTTPServletRequest
问题描述
I am running a servlet in Weblogic 10.3 with two-way SSL enabled. 
我在Weblogic 10.3中运行了一个servlet,启用了双向SSL。 When I try to get the following attributes from the HTTPServletRequest, both are null: 当我尝试从HTTPServletRequest获取以下属性时,两者都为null:
- javax.servlet.request.X509Certificate
- weblogic.servlet.request.SSLSession
How then do I access the user's certificate from the servlet? 那么如何从servlet访问用户的证书? I have searched online with no luck. 我在线搜索没有运气。
1 个解决方案
解决方案1
0 2011-09-13 18:43:43
I would take a look at how your keystore is set up. 我会看看你的密钥库是如何设置的。 From my experience, this kind of error can occur if the user's or server's signed certificate isn't imported into the keystore correctly. 根据我的经验,如果用户或服务器的签名证书未正确导入密钥库,则会发生此类错误。
To verify this, run keytool on your keystore to determine which alias in the keystore contains a private key. 要验证这一点,请在密钥库上运行keytool,以确定密钥库中的哪些别名包含私钥。 Then, take a look at that alias and see if it has the signed (approved) certificate associated with it, or if the signed certificate has another alias associated with it. 然后,查看该别名,看看它是否具有与之关联的签名(已批准)证书,或者签名证书是否具有与之关联的其他别名。
This kind of error is common when using applications which will only look for a specific alias in your keystore for validation. 在使用仅在密钥库中查找特定别名以进行验证的应用程序时,这种错误很常见。 Normally this is configurable so that you can ensure that your certificates all have unique "names" in the certificate. 通常,这是可配置的,以便您可以确保证书在证书中都具有唯一的“名称”。 It is common, for example, to use a linux box' hostname in the certificate name, and then to create an alias that is the hostname. 例如,通常在证书名称中使用linux box'主机名,然后创建作为主机名的别名。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.