Choosing the right certificate for client authentication
Hi, all
We have an application running under BEA Weblogic. This application collects data from a Java applet that the user runs on his terminal. This java applet (correctly signed) sends information using a HTTPS connection.
Our users have got three certificates: one for client authentication, other for data encipherment and the last one for data signing.
The problem appears when the applet shows the screen with the three certificates when the applet tries to create the https connection. In this screen the JVM shows all the user certificates.
Theorically (and in fact) it is possible to create a SSL connection with any of them, but our server application authenticates user connections and it only allows to create one if the client certificate sent is the correct authentication certificate. Then, if the user chooses one of the other certificates, the application will not allow to create the connection.
As the users can not distinguish between their certificates by their subject (because is the same for all of the user certificates), the current solution is to open the certificate properties, check the certificates serial and choose the certificate with the correct serial. This solution is not valid for basic users.
Then, does anyone knows if is it possible tto show only the desired certificate? (for example, only the certificate with the clientAuth usage).
Thanks and regards,
/Javier
