I’ve got an application deployed on Azure Web Apps, using Java 8, Tomcat 8.5 and Lucee 4.5. This is a Web App, not a VM, so I don’t have much control over Java/Tomcat installation.
On the Azure portal I can configure the Web App to request a Client Certificate. When this is set up, the I get the base64 encoded certificate provided in the x-arr-clientcert header.
Has anyone had any experience on how I can decode and read this header to determine if it is valid?