遵循Quarkus Getting Started指南和enabling SSL之后,我要做的下一步是获取客户端证书链。

我想做这样的事情:

    private X509Certificate extractCertificate(HttpServletRequest req) {
        X509Certificate[] certs = (X509Certificate[])
        req.getAttribute("javax.servlet.request.X509Certificate");
        if (null != certs && certs.length > 0) {
            return certs[0];
        }
        throw new RuntimeException("No X.509 client certificate found in request");
     }


按照入门指南的说明,注入HttpServletRequest并非如本issue中所述直接进行

那么如何访问客户端证书链?

最佳答案

经过研究后,我最终使用类io.vertx.core.http.HttpServerRequest获得了以下解决方案

private X509Certificate extractCertificate(HttpServerRequest req) throws SSLPeerUnverifiedException {
    X509Certificate[] certs = req.connection().peerCertificateChain();
    if (null != certs && certs.length > 0) {
        return certs[0];
    }
    throw new RuntimeException("No X.509 client certificate found in request");
}

07-28 00:54