[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] Why is client certificate unavailabe?

Why can't isasilk provide my client certificate and sends an empty one

I can't find anything in the docs to help me understand this better.  I
can get the demo SSLClient to talk to my openssl s_server, but when I'm
using jacorb (over isasilk) and mico (over openssl), isasilk can't
provide a client certificate (see "No client certficate available"
below).  Can anyone explain to me why?  The x509 certificate and private
key have been loaded into the SSLClientContext with addClientCredentials
(the steps to do this in jacorb look identical to those taken in the
SSLClient demo).

ssl_debug(1): Starting handshake...
ssl_debug(1): Sending v3 client_hello message, requesting version 3.1...

ssl_debug(1): Received v3 server_hello handshake message.
ssl_debug(1): Server selected SSL version 3.1.
ssl_debug(1): Server created new session CD:E2:E3:E1:B3:E6:2F:5E...
ssl_debug(1): CipherSuite selected by server:
ssl_debug(1): CompressionMethod selected by server: NULL
ssl_debug(1): Received certificate handshake message with server
ssl_debug(1): Server sent a 512 bit RSA certificate, chain has 1
[ Verifying chain:
cert #0 subject: EMail=server@domesolutions.com, CN=DOME Server, O=DOME,
L=Boston, ST=MA, C=US issuer: EMail=server@domesolutions.com, CN=DOME
Server, O=DOME, L=Boston, ST=MA, C=US]
[ Verification for EMail=server@domesolutions.com, CN=DOME Server,
O=DOME, L=Boston, ST=MA, C=US failed ]
ssl_debug(1): ChainVerifier: No trusted certificate found, OK anyway.
[ Chain Verification using standard  succeeded ]
ssl_debug(1): Received certificate_request handshake message.
ssl_debug(1): Received server_hello_done handshake message.
ssl_debug(1): No client certificate available, sending empty certificate
ssl_debug(1): Sending client_key_exchange handshake message (512 bit)...

ssl_debug(1): Sending change_cipher_spec message...
ssl_debug(1): Sending finished message...
ssl_debug(1): Received change_cipher_spec message.
ssl_debug(1): Received finished message.
ssl_debug(1): Session added to session cache.
ssl_debug(1): Handshake completed.

Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl