We have a webMethods 6.1 architecture with TN and have been supporting client certificate authentication without any problem for various partners with different certificate configurations (both self-signed and signed by external CA’s certificates).
While trying to set up a new partner, some big problems have occurred, as he is not able to be authenticated in our system, receiving a “bad certificate” error message on his side. There is no connectivity issue, as they are able to ACK the messages we sent them (as it is done in a synchronous way, no authentication is applied).
All the setup seems to be properly done, as it is working for the same partner in other environments: The certificate is properly stored on the partners certificate folder and the signing CA’s certificates in the trusted folder, the certificate is loaded and linked to his user in the “clients certificates” setup and the servers have been restarted.
In addition, there is no problem in the certificate itself, as it is also used to encrypt data and it is being decrypted without any problem on their side. Of course, we have also checked that the certificates are up-to-date.
To finish, the problem cannot lie on the client side, as they are using the same setup to communicate successfully with other partners.
Any idea on what the problem could be? As you see, we’ve exhausted a lot of possible error threads, but all the investigations seem to point to everything being properly set up.
Any idea or possible investigation thread is welcome, as the issue is becoming more and more urgent.
Thanks in advance and regards.