Error downloading Jar required by JNLP with smart card authentication

[D-On1]

Hello IcedTea-Web Support Team,

We currently have a JNLP file that needs to download the main jar on a website with client certificate required for mutual authentication but the certificate is loaded from a smart card reader through a middleware installed in the client side implementing PKCS11.

With JavaWebStart we didnt have this issue, the frame to enter pin password to access the certificate located on the physical card would appear and the jar could be downloaded.

With OpenWebStart 1.10.1 - Adoptium 1.8.0_392 or Adoptium 11.0.22 we couldnt make it work and we keep receiving a ssl handshake failure during the jar download, meanwhile we did a test in configuring a p12 certificate trusted by our server in OpenWebStart and the jar downloaded without issue.

Does IcedTea-Web support certificate authentication from card reader when downloading main jar ?

Best regards

[sclassen]

ITW and OWS have the same code at their core. As a consequence the card-reader is not supported by both of these programs.

The OWS team offers paid support. Maybe they can add such a feature

[D-On1]

Thanks for the quick feedback, i'm closing the issue.