[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] Why is client certificate unavailabe?



Why can't isasilk provide my client certificate and sends an empty one
instead?

I can't find anything in the docs to help me understand this better.  I
can get the demo SSLClient to talk to my openssl s_server, but when I'm
using jacorb (over isasilk) and mico (over openssl), isasilk can't
provide a client certificate (see "No client certficate available"
below).  Can anyone explain to me why?  The x509 certificate and private
key have been loaded into the SSLClientContext with addClientCredentials
(the steps to do this in jacorb look identical to those taken in the
SSLClient demo).

ssl_debug(1): Starting handshake...
ssl_debug(1): Sending v3 client_hello message, requesting version 3.1...

ssl_debug(1): Received v3 server_hello handshake message.
ssl_debug(1): Server selected SSL version 3.1.
ssl_debug(1): Server created new session CD:E2:E3:E1:B3:E6:2F:5E...
ssl_debug(1): CipherSuite selected by server:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
ssl_debug(1): CompressionMethod selected by server: NULL
ssl_debug(1): Received certificate handshake message with server
certificate.
ssl_debug(1): Server sent a 512 bit RSA certificate, chain has 1
elements.
[ Verifying chain:
cert #0 subject: EMail=server@domesolutions.com, CN=DOME Server, O=DOME,
L=Boston, ST=MA, C=US issuer: EMail=server@domesolutions.com, CN=DOME
Server, O=DOME, L=Boston, ST=MA, C=US]
[ Verification for EMail=server@domesolutions.com, CN=DOME Server,
O=DOME, L=Boston, ST=MA, C=US failed ]
ssl_debug(1): ChainVerifier: No trusted certificate found, OK anyway.
[ Chain Verification using standard  succeeded ]
ssl_debug(1): Received certificate_request handshake message.
ssl_debug(1): Received server_hello_done handshake message.
ssl_debug(1): No client certificate available, sending empty certificate
message...
ssl_debug(1): Sending client_key_exchange handshake message (512 bit)...

ssl_debug(1): Sending change_cipher_spec message...
ssl_debug(1): Sending finished message...
ssl_debug(1): Received change_cipher_spec message.
ssl_debug(1): Received finished message.
ssl_debug(1): Session added to session cache.
ssl_debug(1): Handshake completed.

--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl