I am trying to open a https URL on IBM webshpere where ClientAuth is enabled. In response I was getting HTTP 403 whereas the URL can be accessed through http. On debugging further, it looks like the client is not sending the client certificate in response to server's request. In some forum somebody from Tomcat has said it is not a Tomcat issue as it is upto the client application to handle. However as the client app uses the SSL handlers etc from tomcat runtime I was wondering if anyone can help. See the below excerpts from verbose output certificate chain found by client is empty. I am sure the keystore loaded is correct....
===================================== adding as trusted cert: Subject: CN=testmc.myorg.net, OU=myorg, O=myorg, L=NJ, ST=NJ, C=US Issuer: CN=testmc.myorg.net, OU=myorg, O=myorg, L=NJ, ST=NJ, C=US Algorithm: RSA; Serial number: 0x4f1e5842 Valid from Tue Jan 24 02:05:38 EST 2012 until Fri Jan 18 02:05:38 EST 2013 . . . *** CertificateRequest Cert Types: RSA Cert Authorities: <CN=testmc.myorg.net, OU=myorg, O=myorg, L=NJ, ST=NJ, C=US> *** ServerHelloDone *** Certificate chain *** *** ClientKeyExchange, RSA PreMasterSecret, TLSv1 ===================================== Thanks Harish. ________________________________ http://www.mindtree.com/email/disclaimer.html
