Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

CN mismatch between SSL certificates

mohanr-JavaNetMay 23 2008 — edited May 25 2008

My two-way SSL setup authenticates the server but fails to authenticate the client.

The certificates that I have in my identity store have CN's that are different from the one shown below. I am assuming that the debug info. generated by -Djavax.net.debug=ssl below actually shows the request certificate's CN.

*** CertificateRequest
Cert Types: RSA, DSS,
Cert Authorities:
<CN=test, OU=test1, O=test2, L=test3, ST=test4, C=UK>

The exception is

main, WRITE: TLSv1 Handshake, length = 48
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, bad_certificate
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

I was given two .cer files. One of them is the root of the other. I just imported both into the identity store. Is this procedure correct ?

Thanks,
Mohan

Locked Post

New comments cannot be posted to this locked post.

Locked on Jun 22 2008

Added on May 23 2008

#other-security-apis-tools-and-issues

7 comments

1,077 views