Add in server cert details

gradle/version

@@ -1 +1 @@
-5.0.0-8218ab713ef1e3a44bfbf22379dae55acbc6c6ad-060f7b26320ac8ccf3354119f4f0eff75f986553
+5.0.0-60ea550f3062af51b04eeff5a9ceadc330dfb271-060f7b26320ac8ccf3354119f4f0eff75f986553

src/main/java/runwar/Server.java

@@ -51,7 +51,7 @@
 import runwar.undertow.MappedResourceManager;
 import runwar.undertow.HostResourceManager;
 import runwar.undertow.RequestDebugHandler;
-import runwar.undertow.SSLClientCertHeaderHandler;
+import runwar.undertow.SSLCertHeaderHandler;
 import runwar.undertow.LifecyleHandler;
 import runwar.undertow.WelcomeFileHandler;
 import runwar.undertow.SiteDeployment;
@@ -344,7 +344,7 @@ public synchronized void startServer(final ServerOptions options) throws Excepti
                     @Override
                     public HttpHandler wrap(HttpHandler next) {
                         // Set SSL_CLIENT_ headers if client certs are present
-                        return new SSLClientCertHeaderHandler( next, serverOptions.cfEngineName().toLowerCase().contains( "lucee" ) );
+                        return new SSLCertHeaderHandler( next, serverOptions.cfEngineName().toLowerCase().contains( "lucee" ) );
 
                     }
                 });

src/main/java/runwar/undertow/BindingMatcherHandler.java

@@ -53,7 +53,7 @@
 import runwar.undertow.MappedResourceManager;
 import runwar.undertow.HostResourceManager;
 import runwar.undertow.RequestDebugHandler;
-import runwar.undertow.SSLClientCertHeaderHandler;
+import runwar.undertow.SSLCertHeaderHandler;
 import runwar.undertow.LifecyleHandler;
 import runwar.undertow.WelcomeFileHandler;
 import runwar.undertow.SiteDeployment;

src/main/java/runwar/undertow/ListenerManager.java

@@ -57,7 +57,7 @@
 import runwar.undertow.MappedResourceManager;
 import runwar.undertow.HostResourceManager;
 import runwar.undertow.RequestDebugHandler;
-import runwar.undertow.SSLClientCertHeaderHandler;
+import runwar.undertow.SSLCertHeaderHandler;
 import runwar.undertow.LifecyleHandler;
 import runwar.undertow.WelcomeFileHandler;
 import runwar.undertow.SiteDeployment;

src/main/java/runwar/undertow/SSLClientCertHeaderHandler.java → src/main/java/runwar/undertow/SSLCertHeaderHandler.java

@@ -29,7 +29,7 @@
  *
  * @author Brad Wood
  */
-public class SSLClientCertHeaderHandler implements HttpHandler {
+public class SSLCertHeaderHandler implements HttpHandler {
 
 	private final HttpHandler next;
 	// Adobe will access CGI elements from request attribtues, but Lucee requires an HTTP request header.
@@ -46,10 +46,12 @@ public class SSLClientCertHeaderHandler implements HttpHandler {
 	private static final HttpString CERT_ISSUER = new HttpString("CERT_ISSUER" );
 	private static final HttpString SSL_CLIENT_VERIFY = new HttpString("SSL_CLIENT_VERIFY" );
 	private static final HttpString SSL_SESSION_ID = new HttpString("SSL_SESSION_ID" );
+	private static final HttpString CERT_SERVER_SUBJECT = new HttpString("CERT_SERVER_SUBJECT" );
+	private static final HttpString CERT_SERVER_ISSUER = new HttpString("CERT_SERVER_ISSUER" );
 	private static final HttpString SUBJECT_DN_MAP = new HttpString("javax.servlet.request.X509Certificate.subjectDNMap" );
 	private static final HttpString ISSUER_DN_MAP = new HttpString("javax.servlet.request.X509Certificate.issuerDNMap" );
 
-    public SSLClientCertHeaderHandler(HttpHandler next, Boolean addHTTPHeaders ) {
+    public SSLCertHeaderHandler(HttpHandler next, Boolean addHTTPHeaders ) {
         this.next = next;
 		this.addHTTPHeaders = addHTTPHeaders;
     }
@@ -89,10 +91,24 @@ public void handleRequest(HttpServerExchange exchange) throws Exception {
 		// There is SSL session info
 		if(ssl != null) {
 
-			X509Certificate clientCert = getClientCert( ssl );
-
 			setCGIElement( exchange, CERT_KEYSIZE, String.valueOf( ssl.getKeySize() ) );
 
+			// Set details of the server cert so it's in our CGI scope
+            if( ssl.getSSLSession().getLocalCertificates() != null ) {
+				Certificate[] serverCerts = ssl.getSSLSession().getLocalCertificates();
+				if(serverCerts.length > 0 && serverCerts[0] instanceof X509Certificate ) {
+					X509Certificate serverCert = (X509Certificate)serverCerts[0];
+
+					String LDAPSName = SecurityManager.reverseDN( serverCert.getSubjectDN().toString() );
+					setCGIElement( exchange, CERT_SERVER_SUBJECT, LDAPSName );
+
+					String LDAPIName = SecurityManager.reverseDN( serverCert.getIssuerDN().toString() );
+					setCGIElement( exchange, CERT_SERVER_ISSUER, LDAPIName );
+				}
+			}
+
+			X509Certificate clientCert = getClientCert( ssl );
+
 			// A client cert was negotiated
 			if( clientCert != null ) {
 				LOG.trace( "Client SSL cert present, setting request headers" );

src/main/java/runwar/undertow/SiteDeployment.java

@@ -53,7 +53,7 @@
 import runwar.undertow.MappedResourceManager;
 import runwar.undertow.HostResourceManager;
 import runwar.undertow.RequestDebugHandler;
-import runwar.undertow.SSLClientCertHeaderHandler;
+import runwar.undertow.SSLCertHeaderHandler;
 import runwar.undertow.LifecyleHandler;
 import runwar.undertow.WelcomeFileHandler;
 import runwar.util.ClassLoaderUtils;

src/main/java/runwar/undertow/SiteDeploymentManager.java

@@ -53,7 +53,7 @@
 import runwar.undertow.MappedResourceManager;
 import runwar.undertow.HostResourceManager;
 import runwar.undertow.RequestDebugHandler;
-import runwar.undertow.SSLClientCertHeaderHandler;
+import runwar.undertow.SSLCertHeaderHandler;
 import runwar.undertow.LifecyleHandler;
 import runwar.undertow.WelcomeFileHandler;
 import runwar.undertow.SiteDeployment;