Skip to main content

Authentification client with new CA (self-signed) fail

Please note these java.net forums are being decommissioned and use the new and improved forums at https://community.oracle.com/community/java.
No replies
Manticore
Offline
Joined: 2013-09-19
Points: 0

Hello,

I'm new on java technologie and glassfish administration and i encounter a problem with the client authentification in glassfish v3.1.2.2

I need to use a self-signed CA for a pool of embedded system, but i cannot add my CA cert file in glassfish.

There are no problem for check the server ssl.
There are functionnal if i add directly the client certificate in the cacert.jks.

But that doesn't work if i use the CA (self-signed) for control my client certificate.

The ssl sequence is stop just after the server receive the client certificate with a TCP reset.

My configuration :

On glassfish :

- set client auth (that work because if i use directly certificate is ok.
- Disable http et set https (that work)

I have import my root certificate in :

java/jre/lib/security/cacert
java/jdk/jre/lib/securty/cacert
glassfish_server/glassfish/lib/template/cacert.jks
glassfish_server/glassfish/domain/domain1/config/cacert.jks

in windows 7

My certifcate seem to be valid i have control them with :

openssl verify -CAfile caSwiss.crt rainbow.crt

thanks for help