AnsweredAssumed Answered

SSL to client - Wrong certificate returned

Question asked by Zanatto on Feb 4, 2014
Latest reply on Apr 28, 2016 by vigneshsundararaman62134999

Hi all,

I'm trying to use the SSL to client option on the Virtual HTTPS Listen step.

First, I received a .cer (the certificate) from my client. Then, I used the java keytool to generate a .ks file with the certificate (command line: keytool -importcert -alias lisa -file fqalisawifi.cer -keystore fqalisawifi.ks). So far, so good.

Now, when I select the keystore file inside Virtual HTTPS Listen step and click on Verify, this is what I see:
__________________________________________________________________________________________________________________________________
Beginning Keystore Verification

File: C:\Lisa\files\fqalisawifi.ks
Keystore size: 1
Provider: SUN
Type: jks
 
Alias: lisa
Alias Creation Date: 2/4/14 12:05 PM
Unable to load key for alias: lisa using keystore password
Certificate:
Type: X.509
Certificate Info: 
 Subject: CN=fqalisawifi.internal.timbrasil.com.br, OU=DEPT DE TI, O=TIM CELULAR SA, L=Rio de Janeiro, ST=Rio de Janeiro, C=BR
 
LOTS OF INFO ABOUT THE CERTIFICATE
 
Certificate Verification Failed (trusted CAs) may be issued by private CA

__________________________________________________________________________________________________________________________________
 
I deployed the virtual service anyway and tried to access it with my browser with a simple https://localhost:8006
My browser complains about the certificate issuer (as expected) but when I click to see the certificate information, what I see is the following (and I believe this is Lisa's default certificate info):
CN = localhost
OU = 1513240169
O = Blue Coat SG900 Series
S = Some-State
C =   
 
Anyone can help me with why Lisa is not using the certificate informations I selected? Does it have anything to do with those two errors on the Keystore Verification?
Any help is appreciated.
 
Thanks
Felipe Zanatto

Outcomes