Home » Java » java – How does one add certificate_authorities to CertificateRequest message in TLSv1.3-Exceptionshub

java – How does one add certificate_authorities to CertificateRequest message in TLSv1.3-Exceptionshub

Posted by: admin February 25, 2020 Leave a comment

Questions:

I’m setting up mutual authentication using TLS 1.3 using a spring boot server and curl client for testing. My truststore containts two certificate chains which are loaded correctly – in fact the mutual authentication works in this test setup.

However, based on the RFC8446 spec I’m trying to get the CertificateRequest message in the SSL Handshake to contain the certificate_authorities extension.

The logging (-Djavax.net.debug=all) shows the certificate request message from the sever, without certificate_authorities.

javax.net.ssl|DEBUG|13|https-jsse-nio-8443-exec-2|2020-02-17 14:24:15.419 CET|CertificateRequest.java:864|Produced CertificateRequest message (
"CertificateRequest": {
  "certificate_request_context": "",
  "extensions": [
    "signature_algorithms (13)": {
      "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha1, rsa_pkcs1_sha1]
    },
    "signature_algorithms_cert (50)": {
      "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha1, rsa_pkcs1_sha1]
    }
  ]
}
)

This extension is optional to send in the CertificateRequest, but I would like to include it in this message so that the real client device will be able to send the correct certificate to the server based on this.

How to&Answers:

While researching this issue I came across JDK-8206925 which states that

The current TLS 1.3 implementation does not support this function […]

So apparently its just an open issue for java (or at least the openJDK java that I use).

I’m happy to be proven wrong though..