[jetty-users] Getting local and peer certificates from a request

[<Stephen.CTR.Chappell@xxxxxxx>]

Hi –

 

I am porting some code from Jetty 7 to Jetty 9.2, and trying to extract both local and peer certificates. In 7, I had some code that did this in a fairly straightforward way …

 

void getTlsCerts(Request servletRequest) {

       EndPoint endpoint = servletRequest.getConnection().getEndPoint();

        SSLSession session = null;

       

        if (endpoint instanceof SslEndPoint) {

                session = ((SslEndPoint) endpoint).getSslEngine().getSession();

        }

 

        if (session != null) {

            Certificate[] peerCerts = null;

            Certificate[] localCerts = session.getLocalCertificates();

            try {

                peerCerts = session.getPeerCertificates();

            }

            catch (SSLPeerUnverifiedException e) {

                log.debug("Peer unverified while attempting to extract peer certificates.", e);

            }

 

           // do stuff with certs

}

 

But in Jetty 9, there’s no way that I can find to start with a Request and end up with an SSLSession. I can get one of the certs using something like this:

 

                      X509Certificate[] certs = (X509Certificate[])servletRequest.getAttribute("javax.servlet.request.X509Certificate");

 

But then how do I get the other?

 

Thanx, any help would be appreciated.

 

Stephen W. Chappell