客户端证书未从android发送到ssl服务器

Question

以下是我用来创建持有证书颁发机构公共证书的TrustStore的代码。我正在创建另一个KeyStore来持有＆＃34;客户端证书＆＃34;这是我从证书签名请求创建并由我提到的CA签名的。出于某种原因，当我调用sslCertSocketFactory.createSocket（）时，我会抛出一个异常：

SSL failure: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0x7780ef60: Failure in SSL library, usually a protocol error
    error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (external/openssl/ssl/s3_pkt.c:1256 0x77829d10:0x00000003)

在服务器端，我得到以下内容：

SSL alert (write): fatal: handshake failure
2014.07.01 15:56:46 LOG3[7121:4413599744]: SSL_accept: 140890C7: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate

我做错了什么？如何确保套接字工厂将证书推送到我在localKeystore中指定的服务器？

            // Load my CA's public cert from an InputStream

            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            InputStream caInput = new BufferedInputStream(cafile);
            Certificate ca = null;
            try {
                ca = cf.generateCertificate(caInput);

            } catch(Exception e) {
                Log.d(" Problem creating the CA cert: " + e.toString());
            }
            finally {
                caInput.close();
            }
            //sets this CA cert set as a KeyStore.TrustedCertificateEntry in the keystore.
            certManagerCA.trustCertificate((X509Certificate) ca);
            KeyStore keyStoreCA = certManagerCA.sslKeystore;

            tmf = TrustManagerFactory.getInstance("X509");
            tmf.init(keyStoreCA);

            localKeystore  = KeyStore.getInstance("BKS");
            try {
                //clientBKS is a bouncy castle keystore made with portecle from a public/private keypair signed by the CA I impored above
                localKeystore.load(clientBKS, "password".toCharArray());
            }
            finally {
                clientBKS.close();
            }

            // Build a KeyManager for Client auth
            kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(localKeystore, keyPass.toCharArray());
           //at this point I can iterate over the localKeyStore aliases and it ONLY has my cert in it. 

            sslCertSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(100000);
            sslCertSocketFactory.setKeyManagers(kmf.getKeyManagers());
            sslCertSocketFactory.setTrustManagers(tmf.getTrustManagers());
            Socket test = sslCertSocketFactory.createSocket("10.22.1.100", 443);