Forum Discussion

Nimbostratus

Mar 05, 2012

Chain Certificates / Client SSL Profile

We have one Virtual Server and client SSL profile shared by multiple clients coming in. One client is presenting a client cert signed by an intermediary "VeriSign Class 3 Extended Validation SSL CA" ...

config

design

kev_245_28249

Nimbostratus

Apr 03, 2012

Hoolio,

when you say "~~The client should check its client cert against each of the intermediate certs in the bundle that TMM sends during the SSL handshake"~~

~~When a profile is attached with a 'chain certificate' it will not stop TMM also using the ca-bundle?~~

I successfully created a certificate chain for a private Ca issuer, however we still need to issue the requestor with the signed cert, and thus I realised that it would work without having to create a chain cert.

~~This brings me to, when is a chain certificate required to be built?~~

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Chain Certificates / Client SSL Profile

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

Automating Certificate Management on F5 BIG-IP

SSL Profiles Part 8: Client Authentication

Automating ACMEv2 Certificate Management on BIG-IP

SSL Profiles Part 2: Certificates

SSL Client Certification Alert 46 Unknown CA

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS