I've ran into this problem trying to test HTTPS client-server communication protected with Ed25519 keys that uses client-side SSL authentication. I've wired BouncyCastle as the JSSE provider and the TLS handshake fails with "Invalid algorithm: {sha256(4),ecdsa(3)}". The best explanation on the subject that I found is here: https://github.com/bcgit/bc-java/issues/916 I've traced the problem to JsseSSLManager.WrappedX509KeyManager class. When the JSSE looks for the matching keys, it is being misled by this custom key manager, as: 1) getClientAliases() ignores the key type all together, so it will return aliases for the wrong key key type 2) chooseClientAlias() also ignores the passed in key types, and will return an alias that doesn't match the key type of the actual key that would be returned when requested. For reasons unknown, the server offers to authenticate the client with two key types - EC and Ed25519, in that order. JMeter ends up returning an Ed25519 key back to JSSE that asked for the EC key, causing a break down in attempting to use the key for any reasons.
I think the fix is rather trivial, and I'll file a PR on GitHub once I've tested that things work with a multi-aliased key store.
Pull request: https://github.com/apache/jmeter/pull/669
This issue has been migrated to GitHub: https://github.com/apache/jmeter/issues/5561