I am using Mina with a SslFilter, configured with “client authentication needed”.
Once a connection is made and a handshake is done, how to get the certificate (or the principal) of the peer on the other side of the connection from my subclass of the IoHandler on the server ?
Edit: in other words, how to get the relation between a IoSession and the principal once the handshake is done and the IoHandler.sessionOpened() is called.
It looks like you can get the
SslFilter.getSslSession(...). Then, use
SSLSession.getPeerCertificateChain() to get the client certificate chain. The actual client certificate is at position 0 in that array.