This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Structure on server:
cacerts.jks has my_ca as trusted certificate entry
keystore.jks has sercer as Key Pair entry
Has Client.cer generated by my CA installed in it
If I access the app url, browser now pops my 'Client' certificate to use & I click on cert & click OK, the webpage is displayed.
Now I have an actual ProductionCertificate MyProdCer Chain is: MyProdCer -> IssuerCA -> IntermediateCA-> RootCA
I have updated cacerts.jks on server to contain IssuerCA, IntermediateCA & RootCA certs along with the original my_ca
The browser now pops up two options 1. 'Client' cert & 2. 'MyProdCer'
If I select 1. Client cer then it works as usual, no problem
However if i select 2. 'MyProdCer' then browser displays