Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8132108

Clarify logic of selection of SSL client's certificate for client authentication

    XMLWordPrintable

    Details

      Description

      It's not clear how a SSL client's certificate which is sent to server for a
      client authentication is selected on the client if multiple certificates for
      a same signer exit in the client's keystore file. Then, an expired client
      certificate can be selected wrongly for the client authentication against a
      programmer's intention if a valid certificate and an expired certificate for
      the same signer exist in the keystore file. And, the
      javax.net.ssl.SSLHandshakeException would be thrown in both sides, client and
      server, as a handshake error.

        Attachments

          Activity

            People

            Assignee:
            coffeys Sean Coffey
            Reporter:
            shadowbug Shadow Bug
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: