When using a custom X509KeyManager Java is not able to determine a matching cipher suite for the SSL handshake

Question

I\'m working with Java7 and JAX-WS 2.2.

For a SOAP web service I need to create a custom X509KeyManager in order to find the correct certificate for eac

Answer 1

After a few days of trial & error I finally found my mistake!

In Java 7 a custom key manager should extend the X509ExtendedKeyManager which forces you to implement five methods of the interface X509KeyManager. However, there are two additional methods in the class X509ExtendedKeyManager which are not declared as abstract but must be overwritten for proper usage:

• chooseEngineClientAlias(String[], Principal[], SSLEngine)
• chooseEngineServerAlias(String, Principal[], SSLEngine)

After overwriting and implementing the methods by delegating the call to my originalKeyManager (which became of type X509ExtendedKeyManager as well) the SSL handshake finally succeeded.