Wso identityserver 5.2.0无法调用使用客户端证书保护的联合oidc身份验证器

时间:2018-06-01 13:58:24

标签: ssl wso2 federated

我正在尝试在Wso2 identityserver 5.2.0中实现联合oidc身份验证器。成功配置此连接后,联合身份验证器实现了更严格的安全规则。客户端必须使用客户端证书进行身份验证。我已将签名权限导入客户端信任库,将客户端证书导入wso2carbon密钥库。使用这些密钥库独立运行代码工作正常。所以我对密钥库没有任何问题。

但是当我使用ssl debug在Wso2中运行代码时,我看到了输出:


    *** CertificateRequest
    Cert Types: RSA, DSS, ECDSA
    Supported Signature Algorithms: SHA256withECDSA, SHA384withECDSA, SHA512withECDSA, Unknown (hash:0x8, signature:0x7), Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0xb), Unknown (hash:0x8, signature:0x4), Unknown (hash:0x8, signature:0x5), Unknown (hash:0x8, signature:0x6), SHA256withRSA, SHA384withRSA, SHA512withRSA, Unknown (hash:0x3, signature:0x3), SHA1withECDSA, Unknown (hash:0x3, signature:0x1), SHA1withRSA, Unknown (hash:0x3, signature:0x2), SHA1withDSA, SHA256withDSA, Unknown (hash:0x5, signature:0x2), Unknown (hash:0x6, signature:0x2)
    Cert Authorities:
    <CN=TTP...>
    <OU=VeriSign...>
    <CN=TTP..>
    <CN=INSI...>
    http-nio-9443-exec-46, READ: TLSv1.2 Handshake, length = 4
    *** ServerHelloDone
    Warning: no suitable certificate found - continuing without client 
    authentication
    *** Certificate chain
    <Empty>
    ***

找不到客户端证书。在独立代码中,我使用相同的密钥库找到客户端证书。

Wso2需要一些额外的配置吗?

0 个答案:

没有答案