Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Java Secure Socket Extension (JSSE)

Client Auth failure:SSLException Received fatal alert: bad_certificate

Friends,

I have managed to establish a one -way https connection between the client and the tomcat-server by keeping theclient-Authentication=false

<Connector

enableLookups="true"

port="8443"

scheme="https"

secure="true"

maxProcessors="75"

debug="0"

clientAuth="false"

keystorePass="arps3241"

keystoreFile="/usr/local/tomcat/bin/arps-dev.keystore"

className="org.apache.coyote.tomcat5.CoyoteConnector"

minProcessors="5"

sslProtocol="TLS">

</Connector>

. However , when i switch- 'on' the client-Authetication parameter i.e.clientAuth="true" in the server.xml for 2 way trust, I get the following error :-

javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1584)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:866)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:622)

at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)

at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)

at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)

at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:827)

at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1975)

at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)

at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:397)

at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)

at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)

at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)

Can any body please guide me?

[2269 byte] By [dynamicdhiraja] at [2007-11-27 11:23:30]
«« BundleException: Timed Out
»» eta I need it from u
# 1

The server's truststore doesn't trust or possibly even recognize the client's certificate which came from the client's keystore.

ejpa at 2007-7-29 15:01:05 > top of Java-index,Security,Java Secure Socket Extension (JSSE)...
Security
Java Secure Socket Extension (JSSE)

Security Hot Topic

Security

All Classified