Re: [keycloak-user] Can't login with certificate

Hi Karol, Are you using curl and the direct grant to verify the x509 client cert authentication? --Peter ________________________________________ From: keycloak-user-bounces(a)lists.jboss.org [keycloak-user-bounces(a)lists.jboss.org] on behalf of Karol Buler [K.Buler(a)adbglobal.com] Sent: Tuesday, October 10, 2017 5:06 AM To: keycloak-user(a)lists.jboss.org Subject: [keycloak-user] Can't login with certificate Hi, when I try to login with certificate according to Keycloak's documentation instructions (http://www.keycloak.org/docs/latest/server_admin/topics/authentication/x5...) I am getting this error: curl: (35) gnutls_handshake() failed: The TLS connection was non-properly terminated. I also checked the logs in DEBUG level and there is: 11:01:50,494 DEBUG [io.undertow.request.io] (default I/O-4) UT005013: An IOException occurred: java.io.IOException: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? at io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:577) at io.undertow.protocols.ssl.SslConduit.closed(SslConduit.java:920) at io.undertow.protocols.ssl.SslConduit.close(SslConduit.java:1015) at io.undertow.protocols.ssl.UndertowSslConnection.closeAction(UndertowSslConnection.java:146) at org.xnio.Connection.close(Connection.java:132) at org.xnio.IoUtils.safeClose(IoUtils.java:134) at io.undertow.protocols.ssl.SslConduit$4$1.run(SslConduit.java:984) at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:580) at org.xnio.nio.WorkerThread.run(WorkerThread.java:464) Caused by: javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634) at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561) at io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:575) ... 8 more I don't know what is wrong. Maybe someone of you had the same problem? Regards, Karol [https://www.adbglobal.com/wp-content/uploads/adb.png] adbglobal.com<https://www.adbglobal.com> [https://www.adbglobal.com/wp-content/uploads/linkedin_logo.png]<https:... [https://www.adbglobal.com/wp-content/uploads/twitter_logo.png] <https://twitter.com/adb_global> [https://www.adbglobal.com/wp-content/uploads/pinterest_logo.png] <https://pinterest.com/adbglobal/pins/> _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user