I am getting the "no available authentication scheme" error in Oracle Java 11.0.17 with client authentication and TLS 1.3. Server is 11.0.18. Many of my search results say the problem is a DSA certificate, but I don't have a DSA cert so I'd like to know more about what's happening.
Reverting to TLS 1.2 works around the problem.
Regardless of whether I force TLS 1.2, even if the client hello message says it supports 1.3, the server hello message always says 1.2.
Both client and server have certificate algorithm SHA256withRSA. That's what's printed in verbose SSL and in keytool -list.
The certificate requests from the server look identical.
After the server asks for the client cert, I get a sequence of messages like:
Unavailable authentication scheme: ecdsa_secp256r1_sha256
I get that same message for secp256, secp384, and secp521.
When the handshake succeeds with TLS 1.2, the secp521 is the last of those messages before the "matching alias" message.
When the handshake fails with TLS 1.3, I get a bunch more similar "unavailable auth scheme" messages. The one after 521 is rsa_pss_rsae_sha256, which makes me think that it works for TLS 1.2 but not for 1.3.
In both cases, rsa_pss_rsae_sha256 is the signature algo in the ECDH server key exchange message. My searches of rsa_pss_rsae_sha256 don't turn up any answers, or at least none that I understand.
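
The following Java program is an added example, not code from the post: it maps the scheme names seen in the debug output to JCA signature algorithms and tries each one against a private key, so you can see which schemes that key can actually sign with on a given JVM. The class name SchemeCheck, the check helper and the freshly generated 2048-bit RSA key are assumptions (substitute the key from the client keystore); JSSE's own selection also weighs the peer's advertised schemes and algorithm constraints, which this does not model.

```java
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;

public class SchemeCheck {
    // TLS scheme name, JCA signature algorithm, required key type, PSS digest (or null)
    static final String[][] SCHEMES = {
        {"ecdsa_secp256r1_sha256", "SHA256withECDSA", "EC", null},
        {"ecdsa_secp384r1_sha384", "SHA384withECDSA", "EC", null},
        {"ecdsa_secp521r1_sha512", "SHA512withECDSA", "EC", null},
        {"rsa_pss_rsae_sha256", "RSASSA-PSS", "RSA", "SHA-256"},
        {"rsa_pss_rsae_sha384", "RSASSA-PSS", "RSA", "SHA-384"},
        {"rsa_pss_rsae_sha512", "RSASSA-PSS", "RSA", "SHA-512"},
        // RFC 8446 does not allow rsa_pkcs1_* for TLS 1.3 handshake signatures;
        // it remains usable for CertificateVerify in TLS 1.2.
        {"rsa_pkcs1_sha256", "SHA256withRSA", "RSA", null},
    };

    // Returns "usable", "key type mismatch", or the exception raised while signing.
    static String check(PrivateKey key, String[] s) {
        if (!s[2].equals(key.getAlgorithm())) return "key type mismatch";
        try {
            Signature sig = Signature.getInstance(s[1]);
            sig.initSign(key); // selects a provider that accepts this key
            if (s[3] != null) {
                // TLS 1.3 PSS: MGF1 with the same digest, salt length = digest length
                int salt = MessageDigest.getInstance(s[3]).getDigestLength();
                sig.setParameter(new PSSParameterSpec(
                        s[3], "MGF1", new MGF1ParameterSpec(s[3]), salt, 1));
            }
            sig.update(new byte[] {1, 2, 3});
            sig.sign();
            return "usable";
        } catch (GeneralSecurityException e) {
            return "unusable: " + e;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample key; replace with the client key loaded from the keystore.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        PrivateKey key = kpg.generateKeyPair().getPrivate();
        for (String[] s : SCHEMES) {
            System.out.println(s[0] + " -> " + check(key, s));
        }
    }
}
```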