javax.net.ssl.SSLHandshakeException: null cert chain
Issue
When I configure 2-way SSL between JBoss/Tomcat and Apache HTTPD, I see this error in my JBoss/Tomcat logging:
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Cert Authorities:
<CN=myserver.example.com, OU=NA, O=Widget Corp, C=US>
*** ServerHelloDone
...
http-nio-20000-exec-8, READ: TLSv1.2 Handshake, length = 7
*** Certificate chain
***
http-nio-20000-exec-8, fatal error: 42: null cert chain
javax.net.ssl.SSLHandshakeException: null cert chain
%% Invalidated: [Session-15, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
http-nio-20000-exec-8, SEND TLSv1.2 ALERT: fatal, description = bad_certificate
http-nio-20000-exec-8, WRITE: TLSv1.2 Alert, length = 2
http-nio-20000-exec-8, fatal: engine already closed. Rethrowing javax.net.ssl.SSLHandshakeException: null cert chain
http-nio-20000-exec-8, called closeOutbound()
http-nio-20000-exec-8, closeOutboundInternal()
Environment
- Red Hat JBoss Enterprise Application Platform
- Red Hat JBoss Web Server
- Tomcat
- Apache HTTPD