SSL connection failing with no Certificate Request from the server, connecting to Nginx on AWS from a local Websphere AS running on Java 6

java authentication ssl nginx sni

SOLVED - I have found that the Nginx server requires a "server_name" extension to be specified in the Client Hello. In fact the following openssl command prompts the server to issue a Certificate Request...

/usr/local/Cellar/openssl/1.0.2e/bin/openssl s_client -cert client_identity.crt -key client_identity.key -connect SecureServerHostName:443 -debug <post_request.txt -tls1_2 -servername SecureServerHostName

...while omitting the "-servername" option doesn't.

How I will force WebsphereAS to add that extension is another pair of shoes. Perhaps upgrading the version of Java will help, by updating the implementation of the TLS protocol.

Update: Yes, upgrading the IBM JDK from 1.6 to 1.7.1 worked, generating Client Hello messages with Server Name Indication, as mentioned here (By default Java SE 7 enables Server Name Indication (SNI).).

CodeHunter

SSL connection failing with no Certificate Request from the server, connecting to Nginx on AWS from a local Websphere AS running on Java 6

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last