Mutual SSL (CCA) with TLS 1.x: how is appropriate certificate selected by the client and does it send chain or single certificate?

We have an interesting discussion between the server operator team and the developers of a client application.

Our setup in general is like this:
There is a root-ca, let’s call it “root-1”. This has a sub-ca, let’s call it “… Continue reading Mutual SSL (CCA) with TLS 1.x: how is appropriate certificate selected by the client and does it send chain or single certificate?

Win2012R2 TLS1.2 Mutual authentication – change cipher specs from server side after no certificate from client?

I am testing a .net based application running on a Win2012r2 server providing a http-based web services and relying on windows’s SChannel for implementing tls1.2 mutual authentication against tls1.2 only capable clients.

Mut… Continue reading Win2012R2 TLS1.2 Mutual authentication – change cipher specs from server side after no certificate from client?

Win2012R2 TLS1.2 Mutual authentication – change cipher specs from server side after no certificate from client?

I am testing a .net based application running on a Win2012r2 server providing a http-based web services and relying on windows’s SChannel for implementing tls1.2 mutual authentication against tls1.2 only capable clients.

Mut… Continue reading Win2012R2 TLS1.2 Mutual authentication – change cipher specs from server side after no certificate from client?