I am trying to setup mutual authentication between standalone
java class & websphere apps server (6.1).
I have been setting ssl successfully by setting system properties to set the keystore, truststore, & their respective passwords values.
e.g.
System.setProperty("javax.net.ssl.trustStore","clientTrustStore.key");
... for all 4 params
This absolutely worked alright till I was using self signed certificate.
As soon as I installed the CA signed certificates. The same client code now throwing error for "bad_certificate" error.
The debug trace shows client code is not sending any certificate on server request. There is only one client & server trust certificate in the clients store. & simillarly at the server end.
Somehow I was able to make it work using the custom key & trust managers to create httpsConnection method & then specify the reuqired certificate alias.
Unfortunately it doesnt work with the webservice I have created using jax-ws & the client code I am using is created using stubs from its wsdl.
Can somebody please throw some light,
1. How to specifiy the "specific certificate alias" using System.setProperty in "javax.net.ssl".
2. Why its failing for signed certificate (not sure if I changed something in the websphere side accidentally).
Thanks in advance
Chary