My application on Glassfish 3.1 won't perform client authentication

Question

I have application consuming a SOAP service that uses transport-level authentication. We are trying to move the application from Tomcat to Glassfish 3.1. Unfortunately, Glas

Answer 1

A co-worker of mine came up with the solution. Points to Andrew.

The destination turned out to be sending us the unknown_ca message, as it did not understand the CA of the key that Glassfish was sending during the authentication process.

Removing the JVM argument -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as resolves the issue. One may also change the argument to specify the alias of the preferred key instead of letting the JVM determine the key to use.

Answer 2

The SOAP server certificate should be imported into Glassfish's truststore, not keystore.