C3D, Client Certificate passing issue
For application new requirement, we need to pass the client certificate to backend server. We enabled the C3D option on the client and server SSL profile.
I created the CA certificate and key (https://support.f5.com/csp/article/K14499) and attached to Server SSL profile.
The below be the client and Server SSL profile (https://support.f5.com/csp/article/K14065425) . Refer the below settings.
Prerequisites:
• You must have a CA-Bundle used to validate incoming client certificates. --> Used Company's Certificate Bundle
• You must have a Certificate and Key for Reverse Proxy --> Current application certificate
• You must have a CA Certificate and Key that has the ability to create new certificates --> Created CA certificate and key from F5 (https://support.f5.com/csp/article/K14499)
But when the client try to access application, we are getting SSL handshake error.
Any configuration need to correct on F5 or ?
Appreciate your help on this.
021-07-12 01:34:31,510 +0000#INFO#com.sap.scc.rt#com.sap.scc.servlets.AccessControlServlet$3#
#SccEndpointValidator has thrown exception for HTTPS://141.122.200.74:64801: Received fatal alert: handshake_failure javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
2021-07-12 01:34:31,510 +0000#INFO#com.sap.scc.ui#com.sap.scc.servlets.AccessControlServlet$3# #Error when checking local connectivity to gatewaypp:64801 --> javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure