I'm using JBoss-3.2.5 (SSL with client authentication) to integrate with IIS 5.0. I'm using isapi_redirector.dll to act as connector.
My client's certificate is signed by Thawte. Therefore, it's basically a chained certificate. My problem is, when the request arrives at my application via IIS, the root CA certificate is gone. I only manage to read client's certificate. But if my client request is directly made to Jboss, my application will be able to read all the chained certificates. FYI, IIS has been configured to accept client certificate only.
Why it's behave in such way?is it because of the isapi_redirector.dll which is not able to redirect the whole https request?