
I'm developing and testing an application with mutual authentication TLS/SSL. I have this:

Server side

  1. JAX web service on JBoss 6

Client side

  1. web app

I want to access my WSDL with the browser (https://mydomain:8443/myService/service?wsdl), and on Firefox everything is OK.

The problem is on Chrome, because I got ERR_BAD_SSL_CLIENT_AUTH_CERT. I don't understand why; I have done the same settings as on Firefox.

Here is the SSL log of the server:

```
11:49:50,499 INFORMAZIONI [STDOUT] *** ServerHelloDone
11:49:50,499 INFORMAZIONI [STDOUT] http-8443-1, WRITE: TLSv1.2 Handshake, length = 1613
11:49:50,501 INFORMAZIONI [STDOUT] http-8443-1, READ: TLSv1.2 Handshake, length = 7
11:49:50,501 INFORMAZIONI [STDOUT] *** Certificate chain
11:49:50,501 INFORMAZIONI [STDOUT] <Empty>
11:49:50,501 INFORMAZIONI [STDOUT] ***
11:49:50,501 INFORMAZIONI [STDOUT] %% Invalidated:  [Session-23, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
11:49:50,501 INFORMAZIONI [STDOUT] http-8443-1, SEND TLSv1.2 ALERT:  fatal, description = bad_certificate
11:49:50,502 INFORMAZIONI [STDOUT] http-8443-1, WRITE: TLSv1.2 Alert, length = 2
11:49:50,502 INFORMAZIONI [STDOUT] http-8443-1, called closeSocket()
11:49:50,502 INFORMAZIONI [STDOUT] http-8443-1, handling exception: javax.net.ssl.SSLHandshakeException: null cert chain
```

I imported a cert in p12 format in both browsers, but it works only on Firefox.

All certificates are my own certificates.

Massimo
  • Please provide a tcpdump or Wireshark capture of the SSL handshake. On the surface it looks like an issue in the TLS 1.2 SSL handshake due to the certificate presented on the client side – choppe Sep 18 '20 at 15:18
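
One way to read the server log in the question, as an added example that is not part of the original post or comment: this Python sketch scans JSSE debug output for a client Certificate message with an empty chain and the fatal alert that follows it. The helper name `diagnose` and the regular expressions are assumptions; the sample input is the question's own log lines.

```python
import re

# The question's server log lines (blank lines dropped), embedded as sample input.
SAMPLE_LOG = """\
11:49:50,499 INFORMAZIONI [STDOUT] *** ServerHelloDone
11:49:50,499 INFORMAZIONI [STDOUT] http-8443-1, WRITE: TLSv1.2 Handshake, length = 1613
11:49:50,501 INFORMAZIONI [STDOUT] http-8443-1, READ: TLSv1.2 Handshake, length = 7
11:49:50,501 INFORMAZIONI [STDOUT] *** Certificate chain
11:49:50,501 INFORMAZIONI [STDOUT] <Empty>
11:49:50,501 INFORMAZIONI [STDOUT] ***
11:49:50,501 INFORMAZIONI [STDOUT] %% Invalidated:  [Session-23, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
11:49:50,501 INFORMAZIONI [STDOUT] http-8443-1, SEND TLSv1.2 ALERT:  fatal, description = bad_certificate
11:49:50,502 INFORMAZIONI [STDOUT] http-8443-1, WRITE: TLSv1.2 Alert, length = 2
11:49:50,502 INFORMAZIONI [STDOUT] http-8443-1, called closeSocket()
11:49:50,502 INFORMAZIONI [STDOUT] http-8443-1, handling exception: javax.net.ssl.SSLHandshakeException: null cert chain
"""

# "<time> <level> [STDOUT] <message>"; the level word depends on the server locale.
LINE = re.compile(r"^\d\d:\d\d:\d\d,\d{3} \S+ \[STDOUT\] (.*)$")
EMPTY_CERT_RECORD = re.compile(r"READ: TLSv1\.2 Handshake, length = 7$")
ALERT = re.compile(r"SEND TLSv1\.2 ALERT:\s+(\w+), description = (\w+)")
EXCEPTION = re.compile(r"handling exception: (\S+): (.*)$")

def diagnose(log_text):
    """Summarise how the server handled the client certificate (hypothetical helper)."""
    msgs = [m.group(1).strip() for m in map(LINE.match, log_text.splitlines()) if m]
    found = {"empty_client_chain": False, "empty_certificate_record": False,
             "alert": None, "exception": None}
    for i, msg in enumerate(msgs):
        if msg == "*** Certificate chain" and msgs[i + 1:i + 2] == ["<Empty>"]:
            found["empty_client_chain"] = True
            # An empty TLS 1.2 Certificate message is 7 bytes:
            # 1 (type) + 3 (length) + 3 (zero-length certificate list).
            if i > 0 and EMPTY_CERT_RECORD.search(msgs[i - 1]):
                found["empty_certificate_record"] = True
        if (m := ALERT.search(msg)):
            found["alert"] = m.groups()
        if (m := EXCEPTION.search(msg)):
            found["exception"] = m.groups()
    return found

if __name__ == "__main__":
    for key, value in diagnose(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the question's log this reports an empty client chain carried in a 7-byte handshake record, which is the server-side view of a client that answered the certificate request without sending any certificate.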

0 Answers