I'm running an application (web service) in Tomcat with TLS enabled (with certificates for both the client and the server).
I want my application to be able to send an audit message (logging) when the TLS handshake fails. For example, I want to log when:
- the client certificate is expired,
- the client certificate is unknown (not in the server trust store)
- any other handshake failure
Is there any event that I can catch and handle in order to do that?
My application is web service based and is running in Tomcat. Tomcat handles all the network and TLS layers, and the application is not aware of that.
As I don't open any socket myself, where should I catch this Exception?