IBM Verify


Mutual TLS has stopped working - client certificates using RSA SHA256

  • 1.  Mutual TLS has stopped working - client certificates using RSA SHA256

    Posted Tue September 10, 2024 09:14 AM
    Edited by Michael Erkens Tue September 10, 2024 09:16 AM

    Hi,
    I'm facing an issue with a server connection when trying to call a service on the API gateway. The issue is happening on both 10.0.7 & 10.0.8...

    It's working fine with a certain certificate (i-net801), but when I try to use another certificate signed by another CA, the SSL handshake is failing...

    I've activated SSL debug and extracted the 2 sessions for comparison. With the new certificate I have this exception: Unavailable authentication scheme: rsa_pss_rsae_sha256

    I found on the net some JVM bugs related to the same kind of issue
    https://bugs.openjdk.org/browse/JDK-8272351

    Has this kind of issue already been reported to you?

    Thanks in advance for your help


    - - - [9/9/24, 10:07:34:343 CEST] 0000003b id=00000000 SystemErr                                                    R javax.net.ssl|WARNING|3B|Default Executor-thread-5|2024-09-09 10:07:34.343 CEST|null:-1|Unavailable authentication scheme: rsa_pss_rsae_sha256
    seems to be the difference in the trace... no clue where this difference comes from...

    ------------------------------
    Michael Erkens
    ------------------------------