What certs are actually being used? Maybe the certs are super old/insecure.
They are here, and have been updated relatively recently:
$ keytool -list -v -keystore clientcert.jks
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: cts
Creation date: 23 Dec 2019
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=CTS, OU=Java Software, O=Sun Microsystems Inc., L=Burlington, ST=MA, C=US
Issuer: CN=CTS, OU=Java Software, O=Sun Microsystems Inc., L=Burlington, ST=MA, C=US
Serial number: 68deca39
Valid from: Mon Dec 23 07:21:39 CET 2019 until: Sat Aug 13 08:21:39 CEST 2044
Certificate fingerprints:
SHA1: 34:07:E8:84:5B:5D:FC:DE:58:05:E6:2C:E2:85:76:BF:F7:CD:4B:E1
SHA256: 2D:C2:51:F7:35:45:6D:6E:9C:AE:D7:9C:EA:21:92:C6:17:6C:A2:A8:09:A8:50:22:AC:9C:02:68:94:C9:F1:DF
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D6 86 B4 6D AB 78 A9 0E CB 85 F9 AD F6 AC 79 9D ...m.x........y.
0010: 30 C7 67 61 0.ga
]
]
*******************************************
*******************************************