I’m fairly new to HTTPS/SSL/TLS and I’m a bit confused over what exactly the clients are supposed to present when authenticating with certificates.

I’m writing a Java client that needs to do a simple POST of data to a particular URL. That part works fine; the only problem is that it’s supposed to be done over HTTPS. The HTTPS part is fairly easy to handle (either with HttpClient or using Java’s built-in HTTPS support), but I’m stuck on authenticating with client certificates. I’ve noticed there’s already a very similar question on here, which I haven’t tried out with my code yet (will do so soon enough). My current issue is that – whatever I do – the Java client never sends along the certificate (I can check this with PCAP dumps).

I would like to know what exactly the client is supposed to present to the server when authenticating with certificates (specifically for Java – if that matters at all)? Is this a JKS file, or PKCS#12? What’s supposed to be in them; just the client certificate, or a key? If so, which key? There’s quite a bit of confusion about all the different kinds of files, certificate types and such.

As I’ve said before, I’m new to HTTPS/SSL/TLS, so I would appreciate some background information as well (doesn’t have to be an essay; I’ll settle for links to good articles).
