2008-04-24
Apache 2 mod_jk tomcat 5 双向SSL认证 传递证书信息
Apache http.conf LoadModule jk_module modules/mod_jk.so # Declare the module for <IfModule directive>; #AddModule mod_jk.c SSLOptions +StdEnvVars +ExportCertData 这个重要 #-------------------mod_jk------------------- LoadModule jk_module modules/mod_jk.so # Declare the module for <IfModule directive>; #AddModule mod_jk.c # Where to find workers.properties JkWorkersFile conf/workers.properties # Where to put jk logs JkLogFile logs/mod_jk.log # Set the jk log level [debug/error/info] JkLogLevel info # Select the log format JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " # JkOptions indicate to send SSL KEY SIZE, JkOptions +ForwardSSLCertChain +ForwardKeySize +ForwardURICompat #JkOptions +ForwardSSLCertChain # JkRequestLogFormat set the request format JkRequestLogFormat "%w %V %T" # Send servlet for context /examples to worker named worker1 JkMount /jsp-examples/servlet/* worker1 # Send JSPs for context /examples to worker named worker1 JkMount /jsp-examples/* worker1
workers.properties
# Define 1 real worker using ajp13 worker.list=worker1 # Set properties for worker1 (ajp13) worker.worker1.type=ajp13 worker.worker1.host=localhost worker.worker1.port=8009 worker.worker1.lbfactor=50 worker.worker1.socket_keepalive=1 worker.worker1.socket_timeout=300
JAVA代码:
<%X509Certificate[]cert=(X509Certificate[])request.getAttribute("javax.servlet.request.X509Certificate");%>
fdsa:<%=cert[0].getSubjectDN().toString()%>
评论排行榜