One of the WS we need to connect to has sample code in PHP. They signed a CSR for us ... so we now have a PRIVATE KEY and a CERTIFICATE for authentication.
They suggest putting both the PRIVATE KEY and the signed CERTIFICATE into one .pem file, and in PHP having code like this:
$client = new SoapClient('https://www.example.com/api/server.php?wsdl', array('local_cert' => "custom-pc.pem", "trace"=>1));
$result = $client->Login();
And that works fine.
But we are using Java, no PHP gurus here - so I imported both the PRIVATE KEY and the CERTIFICATE into cacerts (exported to PKCS12 and then merged the keystore).
openssl pkcs12 -export -in signed.pem -inkey server.key -out signed.p12 -name custom -CAfile ca.crt -caname root
sudo keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore /Library/Java/JavaVirtualMachines/jdk1.7.0_06.jdk/Contents/Home/jre/lib/security/cacerts -srckeystore signed.p12 -srcstoretype PKCS12 -srcstorepass changeit -alias custom
But no luck :(
I get this exception all the time:
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1977)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1093)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:884)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
Any idea what we did wrong?
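
An added example, not part of the original post: in Java the cacerts file is the default trust store, used to verify the server, while the client key and certificate offered during the handshake come from a key store handed to a KeyManager. The code below assumes the handshake fails because no client certificate is presented; it reuses signed.p12, the changeit password and the WSDL URL from the post, and the class and method names are hypothetical.

```java
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;

// Hypothetical class name; illustrates client-certificate (mutual TLS) setup.
public class ClientCertExample {

    // Build an SSLContext that presents the key pair stored in a PKCS12 file.
    static SSLContext clientAuthContext(String p12Path, char[] password) throws Exception {
        // The PKCS12 file produced by "openssl pkcs12 -export" holds the
        // private key plus the signed certificate: this is the client identity.
        KeyStore identity = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(p12Path)) {
            identity.load(in, password);
        }

        // The KeyManager is what answers the server's CertificateRequest.
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(identity, password);

        SSLContext ctx = SSLContext.getInstance("TLS");
        // Passing null trust managers keeps the JVM default (cacerts), so the
        // server certificate is still validated as usual.
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Assumption: file name and password as used in the post's openssl/keytool
        // commands. Read the password from a protected source in real code.
        SSLContext ctx = clientAuthContext("signed.p12", "changeit".toCharArray());

        URL url = new URL("https://www.example.com/api/server.php?wsdl");
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        System.out.println("HTTP " + conn.getResponseCode());
    }
}
```

Running the JVM with -Djavax.net.debug=ssl,handshake shows whether a client certificate is sent after the server's CertificateRequest. Keeping the private key out of the shared cacerts file also limits who can read it.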