It's probably not obvious from the log that a TLS CertificateRequest
message is a request from the server for the client to supply its
authentication credentials. The client can comply, by returning its
certificate chain, or it can decline, by returning an empty certificate
chain.
Although a ser
Looks good Vinnie. Thanks for handling this. One more comment from me..
I recently worked with a group who were reading the verbose security
messages when trying to debug an SSL connection issue. They weren't sure
if two-way SSL authentication was set up between the server and client.
Could we
Please review this trivial enhancement to JSSE to warn when TLS client
authentication cannot be completed
because of difficulty locating a suitable client certificate. (Keystore file
paths are already displayed by JSSE, when known)
This is useful to help troubleshoot configuration issues relate