We have been looking for a soution to our problem for one week and after looking in a lot of similar posts and after reading all the available documentation we haven't got a solution.
I'm going to explain my current situation and I hope someone could help us to solve the problem.
We have developed a Web Service Client in JAX-WS, which comunicates with a server-side Web Service in another platform. The comunication is 2 way SSL and we have the CA of the server side, to trust him, and our private certificates to identify in the server side.
Our Web Service Client is deployed in a Weblogic 10.3 and when it is going to make a call to the server-side Web Service, we load dinamically the truststore and the keystore which is loaded with just one certificate, because each time we are going to use a different certificate so we cannot use only a static keystore.
The problem is when we are stablishing the connection, negotiating the handshake because Weblogic ignores the truststore and keystore we loaded before the call and only look for the trusted certificates and the private keys in the Weblogic's keystores…
If we put our trusted certificate in the truststore of Weblogic and start the comunication again. We begin the handshake, we trust the server side (because now Weblogic find the CA in its keystore), but when our Web Service Client has to send the certificate to be trusted by the server-side, the "Certificate Chain" is empty and we get a "BAD_CERTIFICATE".
We have tried with Apache CXF and JAX-WS and the problem is the same, setting the keystores using the System properties and the libraries… So we don't know why our Web Service Client is not capable to send the certificate. It seems Weblogic is not serving them because of some reason, maybe Weblogic configuration, but we don't know.
If someone knows what we can do, plase tell us.
Thanks in advance.