[keycloak-user] Can't login with certificate
Nalyvayko, Peter
pnalyvayko at agi.com
Thu Oct 12 09:05:31 EDT 2017
Hi Karol,
Are you using curl and the direct grant to verify the x509 client cert authentication?
--Peter
________________________________________
From: keycloak-user-bounces at lists.jboss.org [keycloak-user-bounces at lists.jboss.org] on behalf of Karol Buler [K.Buler at adbglobal.com]
Sent: Tuesday, October 10, 2017 5:06 AM
To: keycloak-user at lists.jboss.org
Subject: [keycloak-user] Can't login with certificate
Hi,
when I try to login with certificate according to Keycloak's
documentation instructions
(http://www.keycloak.org/docs/latest/server_admin/topics/authentication/x509.html)
I am getting this error:
curl: (35) gnutls_handshake() failed: The TLS connection was
non-properly terminated.
I also checked the logs in DEBUG level and there is:
11:01:50,494 DEBUG [io.undertow.request.io] (default I/O-4) UT005013: An
IOException occurred: java.io.IOException: javax.net.ssl.SSLException:
Inbound closed before receiving peer's close_notify: possible truncation
attack?
at
io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:577)
at io.undertow.protocols.ssl.SslConduit.closed(SslConduit.java:920)
at io.undertow.protocols.ssl.SslConduit.close(SslConduit.java:1015)
at
io.undertow.protocols.ssl.UndertowSslConnection.closeAction(UndertowSslConnection.java:146)
at org.xnio.Connection.close(Connection.java:132)
at org.xnio.IoUtils.safeClose(IoUtils.java:134)
at io.undertow.protocols.ssl.SslConduit$4$1.run(SslConduit.java:984)
at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:580)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:464)
Caused by: javax.net.ssl.SSLException: Inbound closed before receiving
peer's close_notify: possible truncation attack?
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
at
io.undertow.protocols.ssl.SslConduit.notifyReadClosed(SslConduit.java:575)
... 8 more
I don't know what is wrong. Maybe someone of you had the same problem?
Regards,
Karol
[https://www.adbglobal.com/wp-content/uploads/adb.png]
adbglobal.com<https://www.adbglobal.com>
[https://www.adbglobal.com/wp-content/uploads/linkedin_logo.png]<https://www.linkedin.com/company/adb/> [https://www.adbglobal.com/wp-content/uploads/twitter_logo.png] <https://twitter.com/adb_global> [https://www.adbglobal.com/wp-content/uploads/pinterest_logo.png] <https://pinterest.com/adbglobal/pins/>
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list