[jboss-jira] [JBoss JIRA] (WFLY-2980) TLS client authentication configuration not working
Tomaz Cerar (JIRA)
issues at jboss.org
Fri Jan 9 09:54:31 EST 2015
[ https://issues.jboss.org/browse/WFLY-2980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13031334#comment-13031334 ]
Tomaz Cerar commented on WFLY-2980:
-----------------------------------
Guys, I cannot reproduce this. We also test this as part of our testsuite.
see for the test itself: https://github.com/wildfly/wildfly/blob/master/testsuite/integration/manualmode/src/test/java/org/jboss/as/test/manualmode/web/ssl/HTTPSWebConnectorTestCase.java
I would say problem is in certificates you use and how are they generated.
> TLS client authentication configuration not working
> ---------------------------------------------------
>
> Key: WFLY-2980
> URL: https://issues.jboss.org/browse/WFLY-2980
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Affects Versions: 8.0.0.Final
> Reporter: dfisher
> Assignee: Tomaz Cerar
>
> Configuration of a security realm with a truststore does not result in an SSL trust manager with the appropriate certificate authorities.
> This configuration:
> {code}
> <security-realm name="HTTPSRealm">
> <server-identities>
> <ssl>
> <keystore alias="server" path="/path/to/my.keystore" keystore-password="changeit" />
> </ssl>
> </server-identities>
> <authentication>
> <truststore path="/path/to/my.truststore" keystore-password="changeit" />
> </authentication>
> </security-realm>
> {code}
> Should expose the certificates in my.truststore as accepted authorities for client authentication.
> An SSL debug shows that no authorities are configured:
> {code}
> *** CertificateRequest
> Cert Types: RSA, DSS, ECDSA
> Cert Authorities:
> <Empty>
> *** ServerHelloDone
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
More information about the jboss-jira
mailing list