I have an embedded Jetty server running in Ktor. I'm trying to expose the client's certificate so I can do custom authentication on it, however, adding SecureRequestCustomizer() does not seem to add the client's certificate to the servlet attributes as is indicated in the documentations. In fact, when I hit my server, it does not even prompt me for a certificate.
The only way I can get the server to ask for a certificate is by setting wantClientAuth = true, but doing this causes an ssl error.
Ideally, I'd want Jetty to prompt for a certificate but not do any validation on it (getting it to accept all certs in conjunction with wantClientAuth doesn't seem to work) and then to pass the cert to the servlet request attributes.
Any suggestions are appreciated since I've been struggling with this problem for some time.
I managed to solve the issue, was caused by the trust store being misconfigured, fixing that and causing the handshake to pass allowed the certificate information to trickle down inside my app.