Bad certificate SSL Connection tracking client certificate

Hi All

Is there a way to save and log the certificate received by the HTTPS port during an SSL hand shake ?

We are facing a problem with one of our partners where once we restart the WM server , the partner keeps getting a “Bad Certificate” error while trying to connect through SSL (AS2 to be specific ) . The error auto-corrects itself after 4 to 5 hours . The problem is specific to one particular TN partner . Other TN parners are okay .

We suspect that this is a problem because of partner s/w caching or their settings goes hayward when a connection fails etc . So we need to track exactly which certificates are submitted by partner while trying the SSL connection .

There is no server log existing for these failed connections. … very weird probelm .
appreciating any help towards a solution
Thanks in advance


Thumb rule

“always restart your server and the partners server when you have certificate conflicts.”

Certificates are cached for hours



Sorry I missed to mention that when we had certificate problem like this before we used ssl tap from netscape

This tool could give you a complete log of what certificates are passed during the handshake



Hi Thahir
Thank you very much for the information . Expacially the tool looks extremly help ful .

Infact our probelm is not exactly a certificate conflict out of the blue . It is specific to this particualr partner , only after our server is restarted for some other reason . More over partner does not use WM , they use a IIS based B2B server . I feel that rather than the certificate being cached, it is the errored connection that is being cached some where . Because even if the certificates are cached , they are correct certs , so the error shudn’t happen .

Anyway thanks a lot and let me now if you have any ideas …
Thanks and regards


This might help

to find the complete list of certificates passed