0 Replies Latest reply on Dec 22, 2009 11:21 AM by yoshuacas

    SSL: How to redirect from HTTPS to HTTP if Client Certificate is not existent?

    yoshuacas

       

      Hi,

       

      My application requires client certification. Confiruring SSL is not a problem and everything works more than well, my real focus right now is on improving user experience. After following the configuration presented in "how to SSL" you end up with a jboss server that will throw errors to the client whenever he doesn´t have a certificate to identify himself.

       

      Firefox will show:

      SSL peer cannot verify your certificate.
      (Error code: ssl_error_bad_cert_alert)

       

       

      Internet Explorer 8 will show:

      Internet Explorer cannot display the webpage

       

      When the client has a certificate installed in his browser of course I don´t see those errors.

       

      SO... The behaviour is correct BUT I would like to be able to redirect my users to a webpage where they can follow instructions to retrieve their certificate... I use right now EJBCA but any CA provides this important page "Get your cert", those usually are found under HTTP so they can be reached by any user that doesn´t have his cert.

       

      Right now no matter how much I research nobody seems to propose similar situations.

       

      So I think I could summarize my question in how to redirect users from HTTPS to HTTP if the SSL handshake fails.

       

      Salu2 and thanks upfront.