X509 unsupported critical extension on mutual auth with Tomcat

Hello,

I have the following scenario.

I am running 2 webapps. One acts as a client (web front end), the other one as a server (web services).

The connection is using SSL with mutual auth.

The client presents its certificate, which contains a critical extension which is not supported by the (TrustManager?) server (Tomcat 4.1.28) and throws this:

handling exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificate contains unsupported critical extensions: [2.5.29.32]

If I use some other certificate for the client role without this extension it works.

However, I MUST use this problematic certificate.

The question is: what can I do?

I have been reading about Custom TrustManagers, but I am not really sure.

It would be enough to provide a custom class (which one?) that ignores this critical extension and goes on with the SSL handshake.

Any help is very welcome.

Mariano.

[993 byte] By [Coflera] at [2007-10-2 4:48:50]
# 1

I ended up coding my own provider wrapping around SunX509 TrustManager.

Tomcat has an undocumented connector property, truststoreAlgorithm, which accepts a String. That's the name of the new algorithm of my custom Provider.

Resources were:

Java Security Architecture Guide.

Java Security Provider Guide.

Tomcat source code for undocumented attributes.

Cheers.

Mariano.

Coflera at 2007-7-16 0:53:30
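A compact version of the approach in Mariano's reply, written here as an added example (not his code): wrap the platform X509TrustManager and, only when it rejects the chain, re-run full PKIX validation with a PKIXCertPathChecker that marks the single allow-listed OID 2.5.29.32 (certificatePolicies, the one from the error message) as handled, so any other unknown critical extension, bad signature or expired certificate still fails. It assumes Java 9+ (for Set.of) and a trust store already loaded into a KeyStore; the class and method names are mine, and wrapping this in a Provider so Tomcat's truststoreAlgorithm can name it is left out.

```java
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.*;
import javax.net.ssl.*;

/** Delegates to the default trust manager; on rejection, re-validates with PKIX where
 *  ONLY the allow-listed critical extension OIDs count as supported. Everything else still fails. */
public final class AllowListedCriticalExtTrustManager implements X509TrustManager {
    // Constructed allow-list: 2.5.29.32 (certificatePolicies) is the OID from the thread.
    private static final Set<String> ALLOWED = Set.of("2.5.29.32");
    private final X509TrustManager delegate;
    private final PKIXParameters params;

    public AllowListedCriticalExtTrustManager(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        this.delegate = (X509TrustManager) tmf.getTrustManagers()[0];
        this.params = new PKIXParameters(trustStore);   // trust anchors = the same store's trusted certs
        this.params.setRevocationEnabled(false);        // same as the default trust manager; turn on per deployment
        this.params.addCertPathChecker(new PKIXCertPathChecker() {
            @Override public void init(boolean forward) {}
            @Override public boolean isForwardCheckingSupported() { return true; }
            @Override public Set<String> getSupportedExtensions() { return ALLOWED; }
            @Override public void check(Certificate cert, Collection<String> unresolvedCritExts) {
                // Remove only the allow-listed OIDs; any other unknown critical OID stays unresolved and PKIX rejects.
                unresolvedCritExts.removeAll(ALLOWED);
            }
        });
    }

    @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        try { delegate.checkClientTrusted(chain, authType); } catch (CertificateException e) { revalidate(chain, e); }
    }
    @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        try { delegate.checkServerTrusted(chain, authType); } catch (CertificateException e) { revalidate(chain, e); }
    }
    @Override public X509Certificate[] getAcceptedIssuers() { return delegate.getAcceptedIssuers(); }

    /** Full PKIX validation (signatures, validity period, name chaining, basic constraints) with the checker above. */
    private void revalidate(X509Certificate[] chain, CertificateException original) throws CertificateException {
        try {
            CertPath path = CertificateFactory.getInstance("X.509").generateCertPath(Arrays.asList(chain));
            CertPathValidator.getInstance("PKIX").validate(path, params);
        } catch (GeneralSecurityException e) {
            throw new CertificateException("chain rejected even with allow-listed critical extensions: "
                    + e.getMessage(), original);
        }
    }
}
```

Plug an instance into `SSLContext.init(keyManagers, new TrustManager[]{ new AllowListedCriticalExtTrustManager(trustStore) }, null)` on the server side; a chain that fails for any reason other than the allow-listed OID still produces a handshake failure, with the delegate's original exception attached as the cause for the logs.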