By using the servlet API, you can obtain both a certificate used for handshaking and the encryption algorithm selected by handshaking.

Client authentication allows you to obtain an X.509 certificate from the client as a java.security.cert.X509Certificate class object.

Note that when using the servlet, you can only obtain a client certificate through SSL client authentication. To perform SSL client authentication, you need to configure this authentication on the Web server.

With the Web container, you can use the servlet API to obtain RSA public keys whose key length is 512 to 2,048 bits or DSA public keys whose key length is 512 to 1,024 bits. You can obtain only those public keys that are supported by the Web server being used (for example, Microsoft IIS supports only RSA public keys).

If Microsoft IIS is used as the Web server for linkage with the Web container, it is impossible to obtain an SSL communication encryption algorithm by using javax.servlet.request.cipher_suite as defined in the Servlet v2.3 specifications.