cert issue

Question

I am running into any issue with one of the VS on F5. We have SSl certs to decrypt the client traffic.
But when users try to access the site they get the unable to get local issuer certificate (20), continuing anyway error.&nbsp;
in client ssl profile  . I have the intermediate cert and the key and in the chain have the root cert.
Do i need import all the certs bundle under the certificate.&nbsp;

jinshu · Answer

You need to add root CA in the client browser if you are using an internal CA signed cert.&nbsp;
-Jinshu&nbsp;

sandiksk_35282 · Answer

No client certificate CA names sent
SSL handshake has read 2039 bytes and written 495 bytes
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384
    Session-ID: C64160D953DD6B228EAF7E129812AEDCB7EA85734C479F8AF28AC7AC13E42E30
    Session-ID-ctx: 
    Master-Key: E89D1B31F7B19C01083878F882041675A80B370EACDAC5EA33F4A20CD88E80DABD72A2CE841326E9C19862593C447665
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1520463060
    Timeout   : 300 (sec)&nbsp;
    Verify return code: 21 (unable to verify the first certificate)

Forum Discussion

cert issue

Recent Discussions

Big IP DNS Failover

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

Related Content

Use Kubernetes Cert-Manager to Maintain Let's Encrypt Certificates

SSL Cert expiration Tracker

Regex issue

SSL-Cert

New iOS F5 Access version (3.1.0) issues

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS