I am trying to write a client (a middleware in fact, which is a client to an entity, but also acts as a server to others). In its client capacity it is supposed to talk to another server (VMware's VirtualCenter), and ask it to do stuff on its behalf.
To give you more context, VirtualCenter allows an application to register as an extension. Said application could register its certificate at the time of registration (setCertificate). Afterwards, the application can log in to VirtualCenter using its certificate (the loginExtensionByCertificate() method), thereby not needing to store usernames and passwords. However, for this to work, the client (my app) must send a certificate as part of its SSL connection, even though the server (VirtualCenter) is not asking for it particularly.
I am writing my app in Java. I created my own key manager, hooked it up to my keystore and specified the alias to use. Then I initialized my SSL context to use that key manager. In the created sockets, I do see that their SSLContext has my key manager in it. However, I do not see that key manager ever being called to get the certificate. For some reason, the socket does not feel it needs to send a cert.
I understand that the server may ask the client to present its cert. In this case, it does not happen. What I am wondering is whether there is a way to force the created socket to present a cert regardless of whether the server asks for it.
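A sketch of the setup described in this question, added as an illustration and not the poster's own code: a key manager pinned to one alias that logs when JSSE consults it, plus a post-handshake check of whether a client certificate was actually sent. The class names, the `KEYSTORE_PASS` environment variable, the command-line arguments and port 443 are assumptions, and the server's certificate is assumed to validate against the default trust store.

```java
import java.io.InputStream;
import java.net.Socket;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.*;

public class FixedAliasClient {
    // Hypothetical wrapper: always answers with one alias and logs when it is consulted.
    static final class FixedAliasKeyManager implements X509KeyManager {
        private final X509KeyManager delegate;
        private final String alias;
        FixedAliasKeyManager(X509KeyManager delegate, String alias) {
            this.delegate = delegate;
            this.alias = alias;
        }
        // In TLS the client Certificate message is only a reply to the server's
        // CertificateRequest, so JSSE reaches this method only after receiving one.
        @Override public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s) {
            System.err.println("client alias requested for key types " + Arrays.toString(keyTypes));
            return alias;
        }
        @Override public String[] getClientAliases(String t, Principal[] i) { return new String[] { alias }; }
        @Override public X509Certificate[] getCertificateChain(String a) { return delegate.getCertificateChain(a); }
        @Override public PrivateKey getPrivateKey(String a) { return delegate.getPrivateKey(a); }
        @Override public String chooseServerAlias(String t, Principal[] i, Socket s) { return null; }
        @Override public String[] getServerAliases(String t, Principal[] i) { return null; }
    }

    static SSLContext build(String keystorePath, char[] pass, String alias) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(keystorePath))) { ks.load(in, pass); }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, pass);
        X509KeyManager base = (X509KeyManager) kmf.getKeyManagers()[0];
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(new KeyManager[] { new FixedAliasKeyManager(base, alias) }, null, null);
        return ctx;
    }

    // Usage (assumed): java FixedAliasClient <keystore> <alias> <host>
    public static void main(String[] args) throws Exception {
        SSLContext ctx = build(args[0], System.getenv("KEYSTORE_PASS").toCharArray(), args[1]);
        try (SSLSocket sock = (SSLSocket) ctx.getSocketFactory().createSocket(args[2], 443)) {
            sock.startHandshake();
            // getLocalCertificates() is null when no client certificate was sent.
            System.out.println("client cert sent: " + (sock.getSession().getLocalCertificates() != null));
        }
    }
}
```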