This discussion is archived
0 Replies Latest reply: Apr 13, 2012 3:57 AM by 583554 RSS

Configuring Weblogic Server for X.509 Smart Card Authentication

583554 Newbie
Currently Being Moderated
0 down vote favorite
share [g+] share [fb] share [tw]
     

I am running Oracle Weblogic 11g (10.3.6) and attempting to configure two-way SSL (client certificate requested and enforced). The client certificate is on a smart card.

I have enabled "basic" ssl in the weblogic server, and used keytool to import the relevant root CA certificates into the DemoTruststore.jks file. I have set the Two-way client cert behavior to Client Certs Requested and Enforced for the server.

Unfortunately, attempting to access my application causes the following:

<pre>
<Certificate chain received from 127.0.0.1 - 127.0.0.1 was incomplete.>
<NO_CERTIFICATE alert was received from 127.0.0.1 - 127.0.0.1. Verify the SSL configuration has a proper SSL certificate chain and private key specified.>
<Certificate chain received from 127.0.0.1 - 127.0.0.1 was incomplete.>
</pre>

The ActivClient dialog never appears to select a certificate from the Smart Card, and a pin is never requested. Therefore, I think I misconfigured something.

Help would be greatly appreciated.

Jason

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points