Forum Discussion
hooleylist
Dec 03, 2009Cirrostratus
Hi Mike,
Great, that helps. The "unable to get local issuer certificate" error indicates that the client cert can't be chained back to any cert in the trusted CA cert bundle configured on the client SSL profile.
If you take a look at the failing cert's issuer details, does it match the working client certs? You can use openssl from the LTM command line to test the cert:
openssl verify
http://www.openssl.org/docs/apps/verify.html
Here is another method for checking client certs:
http://www.cyberciti.biz/faq/test-ssl-certificates-diagnosis-ssl-certificate/
Aaron