You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As the title mentions, mTLS works between client and IBM MQ if the client keystore has certificate only for serverAuth, not clientAuth. But should not be the case.
and in my understand, it should prevent the mTLS handshake being successful because it doesn't have clientAuth. But it seems that the IBM MQ doesn't care about ExtendedKeyUsages.
The text was updated successfully, but these errors were encountered:
The TLS handshake is managed as part of the IBM MQ software, and I don't think anything you've mentioned is related to this sample repository. Can I please suggest that you raise this as a support ticket against the MQ software?
As the title mentions, mTLS works between client and IBM MQ if the client keystore has certificate only for serverAuth, not clientAuth. But should not be the case.
for example, folloing the official guide here https://developer.ibm.com/tutorials/configuring-mutual-tls-authentication-java-messaging-app/ and we can establish the mTLS connection successfully and the client log has the following Produced client Certificate handshake message
More specifically the certificate has the field
and in my understand, it should prevent the mTLS handshake being successful because it doesn't have clientAuth. But it seems that the IBM MQ doesn't care about ExtendedKeyUsages.
The text was updated successfully, but these errors were encountered: