没啥可写的,直接看这些博文吧。。。
注:server.xml 双向认证 注意得配:truststoreFile,单向不用
浏览器客户端p12证书,需要添加到服务器的jks文件中。
http://www.blogjava.net/stevenjohn/archive/2012/08/22/385989.html
http://www.360doc.com/content/10/0401/23/633992_21237818.shtml
http://www.blogjava.net/stevenjohn/archive/2012/09/27/388647.html
以下代码,可以取到客户端证书,注意:只在双向认证下有效。
<% X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate"); if(null!=certs){ for(X509Certificate c: certs){ PublicKey publicKey = c.getPublicKey(); out.println(publicKey.getFormat()); out.println("<br/>"); //out.println(c.getExtendedKeyUsage()); X500Principal flag = c.getSubjectX500Principal(); String[] ss = flag.getName().split(","); ////CN=WCY_309184,OU=03 for(String s:ss){ // String[] ss1 = s.split(",", 1); out.println("<br/>"); out.println(s); } } }else{ out.println("X509Certificate is null."); } %>
tomcat https双向认证,布布扣,bubuko.com
原文地址:http://my.oschina.net/tangcoffee/blog/289455