没啥可写的,直接看这些博文吧。。。
注:server.xml 双向认证 注意得配:truststoreFile,单向不用
浏览器客户端p12证书,需要添加到服务器的jks文件中。
http://www.blogjava.net/stevenjohn/archive/2012/08/22/385989.html
http://www.360doc.com/content/10/0401/23/633992_21237818.shtml
http://www.blogjava.net/stevenjohn/archive/2012/09/27/388647.html
以下代码,可以取到客户端证书,注意:只在双向认证下有效。
<%
X509Certificate[] certs = (X509Certificate[])
request.getAttribute("javax.servlet.request.X509Certificate");
if(null!=certs){
for(X509Certificate c: certs){
PublicKey publicKey = c.getPublicKey();
out.println(publicKey.getFormat());
out.println("<br/>");
//out.println(c.getExtendedKeyUsage());
X500Principal flag = c.getSubjectX500Principal();
String[] ss = flag.getName().split(","); ////CN=WCY_309184,OU=03
for(String s:ss){
// String[] ss1 = s.split(",", 1);
out.println("<br/>");
out.println(s);
}
}
}else{
out.println("X509Certificate is null.");
}
%>
tomcat https双向认证,布布扣,bubuko.com
原文:http://my.oschina.net/tangcoffee/blog/289455