Forum Discussion

Nimbostratus

Mar 05, 2012

Chain Certificates / Client SSL Profile

We have one Virtual Server and client SSL profile shared by multiple clients coming in. One client is presenting a client cert signed by an intermediary "VeriSign Class 3 Extended Validation SSL CA" ...

config

design

hooleylist

Cirrostratus

Mar 05, 2012

Hi Jake,

I think you're correct on both points. The client should check its client cert against each of the intermediate certs in the bundle that TMM sends during the SSL handshake. It would be good to test this to confirm with two client certs signed by different CAs.

Aaron

Recent Discussions

Reporting Help Needed
Dec 22, 2024
debtanubiswas1
Switch ssl profile based on weak cipher detection via IRULE
Dec 21, 2024
aliasgar215
F5 looses the token for the first call
Dec 20, 2024
Ozzy
iRule - Url rewrite and header replace and pool selection not working
Dec 20, 2024
rct101
full-proxy HTTP2
Dec 20, 2024
former_newbie

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Chain Certificates / Client SSL Profile

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Client Certificate Authentication - Machine or Client cert APM method

Need help with SSL handshake failure and client certificates

BIG-IQ Certificate

Irule client certificate check against ldap value

HTTPS communication and client and server ssl profile

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS