0 Replies Latest reply on Oct 17, 2012 12:06 PM by renz13

    Remoting and Certificate Authentication on AS 7.1.3

    renz13

      Hello,

      I have an application using remoting over TLS with database authentication/authorization.

      I want to add certificate authentication (without removing database authentication), so I have made some changes in my standalone.xml (I will develop my own verifier in a later step):


      <security-domain name="HelloDomain" cache-type="default">
          <authentication>
              <!-- Picks up the identity already established on the remoting connection -->
              <login-module code="Remoting" flag="optional">
                  <module-option name="password-stacking" value="useFirstPass"/>
              </login-module>
              <!-- Client certificate check; AnyCertVerifier accepts any certificate -->
              <login-module code="Certificate" flag="required">
                  <module-option name="securityDomain" value="HelloDomain"/>
                  <module-option name="verifier" value="org.jboss.security.auth.certs.AnyCertVerifier"/>
              </login-module>
              <!-- Password and role lookup against the AnnuaireDS datasource -->
              <login-module code="Database" flag="required">
                  <module-option name="dsJndiName" value="java:jboss/datasources/AnnuaireDS"/>
                  <module-option name="principalsQuery" value="SELECT mdp FROM utilisateur WHERE id_fact=?"/>
                  <module-option name="rolesQuery" value="SELECT r.role, 'Roles' FROM role r INNER JOIN utilisateur u USING (cle_utilisateur) WHERE u.id_fact=?"/>
                  <module-option name="hashAlgorithm" value="SHA-256"/>
                  <module-option name="hashEncoding" value="base64"/>
              </login-module>
          </authentication>
          <jsse keystore-password="JBossPassword"
                keystore-url="file:/D:/Apps/jboss-as-7.1.3.Final/standalone/configuration/jbossServer.keystore"
                cipher-suites="TLS_RSA_WITH_AES_128_CBC_SHA"
                client-auth="true"
                protocols="TLSv1"/>
      </security-domain>


      Now I don't know what to do on the client side to "use" the client certificate.

      Any idea?

       

      Thanks