Name: gm110360 Date: 12/13/2001


java version "1.4.0-beta3"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-beta3-b84)
Java HotSpot(TM) Client VM (build 1.4.0-beta3-b84, mixed mode)

Unable to make a 2-way (mutual authentication) SSL connection to a https site
using the java plugin.

sample code:

URL url = new URL("https://<connection>);
URLConnection conn = url.openConnection();
conn.setAllowUserInteraction(true);
conn.connect();
conn.getInputStream();


We are running an IIS server setup to use client authentication to serve up a
simple static HTML page. The IIS server is setup correctly -- by using IE or
Netscape, we are able to hit the HTML page and connect after authorizing the
server certificate and sending our client certificate.

The applet we are attempting to run has been signed. When the connection is
made, the client is sent the server certificate and accepts it. The client is
never prompted to send the client certificate, and IIS rejects the request,
returning a 403.7 saying that a client certificate is required. After turning
SSL debugging on (javax.net.debug), we can see the certificate request from the
IIS server, but it appears that the client is not sending a certificate.

The client cert has been placed in the IE certificate store (so it works with
the browser), and has been placed in "signed applet" adn "secure site" sections
under the plug-in control panel module.

After reading bug #4268582, it appears that this should work.
(Review ID: 135914)
======================================================================