-
Task
-
Resolution: Unresolved
-
P3
-
None
-
6u95
It's not clear how a SSL client's certificate which is sent to server for a
client authentication is selected on the client if multiple certificates for
a same signer exit in the client's keystore file. Then, an expired client
certificate can be selected wrongly for the client authentication against a
programmer's intention if a valid certificate and an expired certificate for
the same signer exist in the keystore file. And, the
javax.net.ssl.SSLHandshakeException would be thrown in both sides, client and
server, as a handshake error.
client authentication is selected on the client if multiple certificates for
a same signer exit in the client's keystore file. Then, an expired client
certificate can be selected wrongly for the client authentication against a
programmer's intention if a valid certificate and an expired certificate for
the same signer exist in the keystore file. And, the
javax.net.ssl.SSLHandshakeException would be thrown in both sides, client and
server, as a handshake error.