Hi,
I am load testing a server which expects client-side certificate using SSL handshake. I did following steps -
- Received .crt and .key file containing public key certificate and private key from the server developer.
- Added key into the java default keystore cacerts using keytool with alias as “anurag”
- Gave java default keystore as the keystore in the gatling.conf.
Now, when I am firing requests to the server. I get following exception -
java.security.cert.CertificateException: No subject alternative names present
at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:144)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:93)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:252)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1501)
I haven’t done this before. Can anybody guide me, if I am doing anything wrong in the steps or something more will be required. I tried converting my .pem encoded certificate to pkcs12 but when I add it into the keytool, it is not accepting it.
I also, have a related question. How does keystore know, which key to present during handshake from the 100+ keys stored in the keystore during any handshake.