Different SSLHandshakeExceptions tomcat 6.0.35 and 7.0.47

2013-12-06 Thread Nancee Riehl
Hi all,

I've implemented my own JSSE implementation to do some special
client certificate validations.
When I send a client certificate with length 0, I get this exception in
Tomcat 6.0.35:
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

This is good because I can check it in my JUnit-Test.

When I do the same test with Tomcat 7.0.47, I get only this exception:
java.net.SocketException: Software caused connection abort: recv failed

My implementation for further certificate validations is not affected at this
moment.

The handshake in my own socket factory looks like this:
try {
    super.handshake(sock);
} catch (IOException e) {
    LOGGER.error(e);
    throw new SSLHandshakeException(Test);
} catch (Exception e) {
    LOGGER.error(e);
    throw new SSLException(e);
}

I've also created Wireshark traces where I could see that with Tomcat
6.0.35 I get an Alert Message with Level Fatal (2) and Description Bad
Certificate (42).

With Tomcat 7.0.47 I get an Encrypted Alert without further information.

Best regards,
Nancee
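
The two trace results described in the message above differ only in how the alert record appears on the wire. The following is an added example, not code from the original post: it walks one peer's TLS record stream and labels each alert as a readable level/description pair or as an opaque encrypted alert. The sample byte strings, the TLS 1.0 record version 0x0301 and the function names are constructed for illustration.

```python
import struct

# TLS record content types and a subset of the alert registries.
CHANGE_CIPHER_SPEC, ALERT = 20, 21
LEVELS = {1: "warning", 2: "fatal"}
DESCRIPTIONS = {0: "close_notify", 40: "handshake_failure",
                42: "bad_certificate", 46: "certificate_unknown"}


def parse_records(stream: bytes):
    """Yield (content_type, fragment) for each TLS record sent by one peer."""
    pos = 0
    while pos < len(stream):
        if pos + 5 > len(stream):
            raise ValueError("truncated TLS record header")
        # Header: content type (1), version (2), fragment length (2).
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, pos)
        fragment = stream[pos + 5:pos + 5 + length]
        if len(fragment) != length:
            raise ValueError("truncated TLS record body")
        yield ctype, fragment
        pos += 5 + length


def classify_alerts(stream: bytes):
    """Label each alert record the way a protocol analyzer would show it."""
    cipher_active = False
    labels = []
    for ctype, fragment in parse_records(stream):
        if ctype == CHANGE_CIPHER_SPEC:
            cipher_active = True  # everything this peer sends next is encrypted
        elif ctype == ALERT:
            if cipher_active or len(fragment) != 2:
                # Level and description are not readable without the keys.
                labels.append(("encrypted", len(fragment)))
            else:
                level, description = fragment  # two plaintext bytes
                labels.append((LEVELS.get(level, level),
                               DESCRIPTIONS.get(description, description)))
    return labels


# Constructed sample streams (not taken from the poster's traces).
PLAINTEXT_ALERT = bytes.fromhex("15 03 01 00 02 02 2a")
ENCRYPTED_ALERT = (bytes.fromhex("14 03 01 00 01 01")              # ChangeCipherSpec
                   + bytes.fromhex("15 03 01 00 20") + bytes(32))  # opaque alert

if __name__ == "__main__":
    print(classify_alerts(PLAINTEXT_ALERT))
    print(classify_alerts(ENCRYPTED_ALERT))
```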


Re: Different SSLHandshakeExceptions tomcat 6.0.35 and 7.0.47

2013-12-06 Thread Nancee Riehl
Hi all,

I've now found that with Tomcat 7.0.19 I get a
javax.net.ssl.SSLHandshakeException:
Received fatal alert: bad_certificate

With Tomcat 7.0.20 I get the SocketException.

But I don't understand which change in 7.0.20 could cause my problem?

Best regards,
Nancee

