Hello Mailinglist, I would like to use undertow for creating REST APIs. I also would like to use HTTPS for communcation between client and server. The user should authenticate itself with a client certificate. On the server should be a component which takes the client certificate and uses some other service (properties file, database, ...) to which roles the user has (and therefor if and what parts of the REST API he can use). I think I know how to listen only to HTTPS, but I'm not sure how to extract the relevant bits from the client certificate and how to set the groups/roles. The solution should be compatible with the Servlet API. Is there some example code which I could look up, or some tutorial describing what I required? Best regards, Dieter