Monday, July 22, 2019

No suitable client certificate could be found - continuing without client authentication

"No suitable client certificate could be found - continuing without client authentication"

1) are you specifying the password for the keystore?

2) are you providing a full certificate chain ? ( chain [0] , chain [1], chain [2] until the Root CA)

3) server specified issuers different from the one of the client certificate?

4) server specified ciphers not matching the one of the certificate?

5) (this is same as 2) whole certificate chain not in keystore (see https://stackoverflow.com/questions/9299133/why-doesnt-java-send-the-client-certificate-during-ssl-handshake )



Here the code https://github.com/frohoff/jdk8u-jdk/blob/master/src/share/classes/sun/security/ssl/ClientHandshaker.java , as you see it's totally pathetic and at the same message correspond completely different scenarios.

No comments: