Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

How to get X509Certificate from HTTP header after SSL off load? -EMERGENCY-

843811Aug 22 2005 — edited Sep 20 2005
There is an F5 BIG-IP who made HTTPS connections to HTTP, and inserted PEM format client's certificate to HTTP header, and delivered client's certificate to WebLogic server.
I can see the certificate in HTTP header on WebLogic, it is like this:
-----BEGIN CERTIFICATE-----
MIID7zCCA1igAwIBAgIEQHQLqzANBgkqhkiG9w0BAQUFADAgMQswCQYDVQQGEwJD TjERMA8GA1UEChMIQ0ZDQSBPQ0EwHhcNMDUwNjA5MDcxMzU2WhcNMDYwNjA5MDc0 
...............
...............
-----END CERTIFICATE-----
Now, the problem is: how to get X509Certificate class on WebLogic?
I use code like this:
import java.security.cert.*;

private String getSerialNumber(HttpServletRequest request)throws Exception
{
 try {
  String clientcert = request.getHeader("SSLClientCert");
  
if (clientcert != null) 
  {
   InputStream inStream = new ByteArrayInputStream(clientcert.getBytes());
   CertificateFactory cf = CertificateFactory.getInstance("X.509");
   X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
   inStream.close();
   
                              BigInteger serialNumber = cert.getSerialNumber();
                              byte[] a = serialNumber.toByteArray();
...........................
....................
.........
It can be compiled successfully, but error occured at line "X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);" when I run it.

Anyone can help me?
Appreciating for any advise!
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Oct 18 2005
Added on Aug 22 2005
#java-secure-socket-extension-jsse
2 comments
699 views