0 Replies Latest reply on Oct 17, 2013 12:41 AM by carlos.camargo

    client certification authentication on Jboss 7

    carlos.camargo

      Hi, I am configuring client certificate authentication on JBoss EAP 6.1.0.GA (AS 7.2.0.Final-redhat-8) and I always get the 401 error:

      “JBWEB000065: HTTP Status 401 - JBWEB000010: Cannot authenticate with the provided credentials”

       

      In standalone.xml I have configured the ApplicationRealm with the truststore, following the documentation (https://docs.jboss.org/author/display/AS72/Security+Realms). This is the text:

       

      <security-realm name="ApplicationRealm">
          <server-identities>
              <ssl>
                  <keystore path="keystore/server.keystore" relative-to="jboss.server.config.dir" password="jboss123" alias="jboss" key-password="jboss123" />
              </ssl>
          </server-identities>
          <authentication>
              <truststore path="server.truststore" relative-to="jboss.server.config.dir" password="jboss123" />
          </authentication>
      </security-realm>

       

      The "urn:jboss:domain" subsystem was configured with https:

       

      <subsystem xmlns="urn:jboss:domain:web:1.4" default-virtual-server="default-host" native="false">
          <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
          <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
              <ssl name="https" key-alias="jboss" password="jboss123" certificate-key-file="D:/software/jboss/jboss-eap-6.1-s3/standalone/configuration/keystore/server.keystore" verify-client="false"/>
          </connector>
          <virtual-server name="default-host" enable-welcome-root="true">
              <alias name="localhost"/>
              <alias name="example.com"/>
          </virtual-server>
      </subsystem>

       

      The application has a web.xml configured with client-cert:

      <!-- Access restriction -->
      <security-constraint>
          <display-name>restriccion-certificados-cliente</display-name>
          <web-resource-collection>
              <web-resource-name>Autenticacion con certificados</web-resource-name>
              <description>paginas de acceso por certificado de clientes</description>
              <url-pattern>/*</url-pattern>
          </web-resource-collection>
          <auth-constraint>
              <description>User</description>
              <role-name>User</role-name>
          </auth-constraint>
      </security-constraint>

      <!-- Security roles used by this web application -->
      <security-role>
          <role-name>User</role-name>
      </security-role>

      <!-- Authentication configuration -->
      <login-config>
          <auth-method>CLIENT-CERT</auth-method>
          <realm-name>ApplicationRealm</realm-name>
      </login-config>

       

      I installed the certificate in Chrome and IE. When I try to access the application, the server requests the certificate and I select it. Next, the error is shown:

      JBWEB000309: type JBWEB000067: Status report

      JBWEB000068: message JBWEB000010: Cannot authenticate with the provided credentials

      JBWEB000069: description JBWEB000121: This request requires HTTP authentication.

       

      I saved the certificate in the truststore with the alias juan, but I have tried with the DN "CN=juan,OU=app,O=javeriana,L=bog,S=edu,C=CO" as the alias.
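
An added example, not part of the original post and not JBoss code: a small Python script that pulls the settings involved in CLIENT-CERT out of the three posted fragments and lists them side by side, so the realm, the HTTPS connector and web.xml can be compared in one place. The embedded XML is trimmed from the post; the function names are illustrative, and `ca-certificate-file` is the web subsystem `ssl` attribute that names a connector truststore, which the posted connector does not set.

```python
import xml.etree.ElementTree as ET

# Constructed input: trimmed copies of the three fragments quoted in the post.
REALM = """<security-realm name="ApplicationRealm">
  <server-identities><ssl><keystore path="keystore/server.keystore"
    relative-to="jboss.server.config.dir" password="jboss123" alias="jboss"
    key-password="jboss123"/></ssl></server-identities>
  <authentication><truststore path="server.truststore"
    relative-to="jboss.server.config.dir" password="jboss123"/></authentication>
</security-realm>"""
WEB_SUBSYSTEM = """<subsystem xmlns="urn:jboss:domain:web:1.4">
  <connector name="https" protocol="HTTP/1.1" scheme="https" secure="true">
    <ssl name="https" key-alias="jboss" password="jboss123" verify-client="false"
      certificate-key-file="D:/software/jboss/jboss-eap-6.1-s3/standalone/configuration/keystore/server.keystore"/>
  </connector>
</subsystem>"""
WEB_XML = """<web-app>
  <security-constraint>
    <auth-constraint><role-name>User</role-name></auth-constraint>
  </security-constraint>
  <security-role><role-name>User</role-name></security-role>
  <login-config><auth-method>CLIENT-CERT</auth-method></login-config>
</web-app>"""

def local(e):  # element name without its XML namespace
    return e.tag.rsplit("}", 1)[-1]

def find(xml_text, name):
    return [e for e in ET.fromstring(xml_text).iter() if local(e) == name]

def roles_under(web_xml, parent):
    return {r.text.strip() for p in find(web_xml, parent)
            for r in p.iter() if local(r) == "role-name"}

def audit(realm, web_subsystem, web_xml):
    """Collect the settings involved in CLIENT-CERT into one report."""
    ssl = find(web_subsystem, "ssl")
    secrets = [a for x in (realm, web_subsystem) for e in ET.fromstring(x).iter()
               for a in e.attrib if "password" in a]
    return {
        "auth_methods": [e.text.strip() for e in find(web_xml, "auth-method")],
        "verify_client": [e.get("verify-client") for e in ssl],
        "connector_truststore": [e.get("ca-certificate-file") for e in ssl],
        "realm_truststore": [e.get("path") for e in find(realm, "truststore")],
        "undeclared_roles": sorted(roles_under(web_xml, "auth-constraint")
                                   - roles_under(web_xml, "security-role")),
        "plaintext_passwords": len(secrets),  # password attributes stored in clear
    }

if __name__ == "__main__":
    print(audit(REALM, WEB_SUBSYSTEM, WEB_XML))
```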