-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Would like to get SSLSession from WebSocket on server to examine client certificates #890
Comments
Hello @doyledavidson, could you do me the favor and provide an repository with these client certificates working so I can figure out a good way on how to implement your request? Thank you very much! Best regards, |
Attached (I hope this works) is a zip with: I will be on vacation for the next week starting tomorrow, so please understand if I don't reply for a while. Doyle |
To be clear, if you put a break point in the onOpen() method in SimpleServer.java, I want to get to: So something like a method on WebSocket interface: Thanks again for consideration! Doyle |
Hello @doyledavidson, thank you very much for your example. Please check out #893 with my proposed solution! Best regards, |
That looks good! I would just change the IllegalArgumentException to IllegalStateException in the getSSLSession() impl. Thanks for looking into this! |
@doyledavidson thank you for taking a look at my proposal. Changed it to IllegalStateException |
I am using "TLS Client Certificates" when connecting to my WSS server. Everything works great with my own TrustManager supplied via a SSLContext set to require client authentication.
However i can find no formal mechanism to access the SSLSession from the WebSocket/WebSocketImpl. The WebSocketImpl has a channel which is implemented by the SSLSocketChannel that has an SSLEngine which has a getSession() method. Could you please add methods to expose the SSLSession from which I can get the peer certificates.
Obviously this is valid only for TLS connections.
Thanks for consideration!
Doyle
The text was updated successfully, but these errors were encountered: