Hi
Ive setup a Coherence cluster on a server machine that includes an Extend Proxy server that listens for Extend Client requests. Im using this cluster as the Cache for the ASPNET Session Provider. Its all been working fine for a few days.
Im now trying to enable SSL for the communication between the .NET Extend client and the Extend Proxy server in the cluster. This is where im struggling.
On trying to connect, I get an error on the client side "A call to SSPI failed, see inner exception" while launching the web application. The error on the server is "javax.net.ssl.SSLHandshakeException: null cert chain".
Ive got a valid certificate that has been self signed and im using this as the certifcate in the Identity Manager and the Trust Manager on the Proxy server. I believe the certificate setup on the Proxy server is OK because if i do not enable SSL on the Extend client, the server shows an error saying "javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?", which is as expected.
On the client Cache-Config.xml, I have the following config entry
<tcp-initiator>
<stream-provider>
<ssl>
<protocol>Tls</protocol>
<local-certificates>
<certificate>
<url>D:\Certs\coherence.dev.p12</url>
<password>password</password>
<flags>DefaultKeySet</flags>
</certificate>
</local-certificates>
</ssl>
</stream-provider>
.
.
.
.
</tcp-initiator>
On the server ive got the same certificate as on the client and the following config entry in Cache-config.xml
<socket-provider>
<ssl>
<protocol>TLS</protocol>
<identity-manager>
<key-store>
<url>File:Certs\coherence.dev.finest.online.cba.p12</url>
<password>password</password>
<type>PKCS12</type>
</key-store>
<password>password</password>
</identity-manager>
<trust-manager>
<key-store>
<url>File:Certs\coherence.dev.p12</url>
<password>password</password>
<type>PKCS12</type>
</key-store>
</trust-manager>
</ssl>
</socket-provider>
Can anyone provide any clues as to why Im getting the errors related to the certificates?