You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Basically, in order for the client to make a request to my local https server, I have to set the sysprop "javax.net.ssl.trustStore" to the same truststore I've declared in the client's ssl context. Is this redundancy normal ? I expected the ssl context to be self sufficient and contain all the information it needs. The problem is specific to the client as requesting from the server using curl with --cacert to the pem file used to build the truststore works just fine.
Furthermore, how can mutual authentication be enforced ? Curling the server works but isn't mutual.
The text was updated successfully, but these errors were encountered:
I'm not an expert, but here is what I've done trying to get mutual authentication :
https://gist.github.com/dvlopt/de48dbe6b7e1d7ea93c3beb929e146d0
Basically, in order for the client to make a request to my local https server, I have to set the sysprop "javax.net.ssl.trustStore" to the same truststore I've declared in the client's ssl context. Is this redundancy normal ? I expected the ssl context to be self sufficient and contain all the information it needs. The problem is specific to the client as requesting from the server using curl with --cacert to the pem file used to build the truststore works just fine.
Furthermore, how can mutual authentication be enforced ? Curling the server works but isn't mutual.
The text was updated successfully, but these errors were encountered: