Mutual SSL working with soapUI but not standalone Java client

Question

I am trying to get mutual SSL working from a Java client. My soapUI configuration works where I have specified keystore and truststore in WS-security configurations.

When I do the same with a Java client with the following system params

System.setProperty("javax.net.ssl.keyStore", "D:\\certs\\client_keystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
System.setProperty("javax.net.debug", "all");
System.setProperty("javax.net.ssl.trustStore", "D:\\certs\\truststore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "trustpass");

I get this error

main, received EOFException: error
main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed
  connection during handshake
main, SEND TLSv1 ALERT: fatal, description = handshake_failure
Padded plaintext before ENCRYPTION: len = 18

I have enabled this: System.setProperty("javax.net.debug", "all");

From the debug logs I see this:

*** Certificate chain
***

How do I debug this issue?

Do you have access to the server logs? There could be multiple reasons why the SSL-handshake fails. The certificate is wrong, no mutual ciphersuits, etc. In the server log this would be specified. Could be useful to set loglevel to debug. — Thomas K, Aug 17 '14 at 14:27

Mutual SSL working with soapUI but not standalone Java client

0 Answers0