I have a TOMCAT SSL server that requires client side authentication. I'm
attempting to connect to the server via wget and I'm getting an error. Below
are the steps I've gone through and the resulting error message.
Server side:
<Connector port="1234"
maxThreads="150" minSpareThreads="25" maxSpareThreads="25"
enableLookups="true" disableUploadTimeout="true"
compression="on"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="true" sslProtocol="TLS"
keystorefile="/path/to/keystore.jks"
keystorePass="XXXX"
truststorefile="/path/to/keystore.jks"
truststoreType="JKS" truststorePass="XXXX"
SSLVerifyClient="require" SSLEngine="on" SSLVerifyDepth="2" />
Client Side:
Convert P12 cert to PEM cert to work with wget:
# openssl pkcs12 -in /path/to/cert.p12 -clcerts -nokeys -out
/path/to/cert.pem
Use wget to grab file:
wget --secure-protocol=TLSv1 --certificate-type=PEM --certificate=/
path.to/cert.pem --password=XXXX https://IP_ADDRESS:1234/file.txt -o
/tmp/file.txt
Error message in /tmp/file.txt:
Connecting to IP_ADDRESS:1234... connected
OpenSSL: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert
unexpected message
Unable to establish SSL connection.
