Incorrect certificate used in SSL handshake
We're running WAS 6.1. We're attempting to connect to several
webservices each with its own client/personal certificate to
authenticate with. At the cell level, we have a single SSL
configuration with an associated key and trust store with the required
certificates. We then create separate dynamic outbound SSL endpoint
configurations for each webservice matching on the hostname, port, and
protocol. Each dynamic config uses the same cell SSL configuration but
sets the required certificate alias for the webservice appropriately.
The issue is that the wrong certificate - specifically the default
certificate specified in the SSL configuration - is used for all
outbound connections. Thus the only webservice which authenticates
correctly is the one requiring this certificate.
>From the SSL debugging (set javax.net.debug=true for the server JVM)[/color]
output, we observe that the dynamic endpoint config is used and the
webservices matched, it then proceeds to match the correct certificate
alias, however the actual certificate used is still the default
certificate instead of the one associated with the alias.