Forum Discussion
Xavier_Gillmann
Nimbostratus
NimbostratusCerts chains and authenticate depth...
Hi everybody,
I'm currently encountering problems with (client) certificate validation: when the client registers all certificate chain in its browser, this one (at least IE) submits all the...
Steve_Brockman_Nimbostratus
NimbostratusSorry to repost,
But this seems strange that F5 rejects SSL connections (during a 2-way SSL connection) if the certificate presented is of type "Server." I have proven that a simple Java (JSSE) application that presents a "ServerAuth" certificate during a connection to a VS is being rejected by F5. Whereas, certificates issued as "Client" are allowed. But this presents a big problem because what if a server is running our application and wishes to connect to another cluster of servers behind the VS ??
F5 support is claiming this is not a bug.
I checked the TLS, SSLv3 and SSLv2 specs and nowhere does it specify that certificates must be rejected based on their type.
Can anyone confirm/contradict this?
Thanks,
Steve
