[
https://issues.apache.org/jira/browse/DERBY-3096?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12536211
]
Bernt M. Johnsen commented on DERBY-3096:
-----------------------------------------
After wrestling a while with this problem and trying to figure out what I did
wrong when I implemented SSL for Derby I found that everything I had done was
according to the JSSE spec and the TLSv1 spec. So when I found that this
feature works when the client is run with IBM J9 VM 1.5 independent of which
platform the server runs on, and fails when the client is run with any Sun VM
(tried 1.4, 1.5 and 1.6) independent of the platform the server is run on, I
suspect this to be a bug in the Sun JSSE implementation.
A workaround is to either Sun VM with IBM (or possibly other) JSSE or another
VM altogether. I have not tested this with other VM's than Sun and IBM.
I will pursue this further with a Derby-independent repro and send my findings
to the proper channels. I'll also try to figure out a workaround in the Derby
code to facilitate Sun VM use.
> SSL handshake throws "bad_certificate" when server tries to authenticate
> client
> -------------------------------------------------------------------------------
>
> Key: DERBY-3096
> URL: https://issues.apache.org/jira/browse/DERBY-3096
> Project: Derby
> Issue Type: Bug
> Components: Network Client, Network Server, Security
> Affects Versions: 10.3.1.4
> Reporter: Bernt M. Johnsen
> Assignee: Bernt M. Johnsen
> Attachments: SslTest.zip
>
>
> When the server runs with -ssl peerAuthentication and the client with -ssl
> basic the SSL handshake gives the error "bad_handshake", e.g. when server
> shutdown is used:
> Could not connect to Derby Network Server on host localhost, port 1527:
> Received fatal alert: bad_certificate
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
