Forum Discussion

Nimbostratus

Mar 05, 2012

Chain Certificates / Client SSL Profile

We have one Virtual Server and client SSL profile shared by multiple clients coming in. One client is presenting a client cert signed by an intermediary "VeriSign Class 3 Extended Validation SSL CA" ...

config

design

kev_245_28249

Nimbostratus

Apr 03, 2012

Hoolio,

when you say "~~The client should check its client cert against each of the intermediate certs in the bundle that TMM sends during the SSL handshake"~~

~~When a profile is attached with a 'chain certificate' it will not stop TMM also using the ca-bundle?~~

I successfully created a certificate chain for a private Ca issuer, however we still need to issue the requestor with the signed cert, and thus I realised that it would work without having to create a chain cert.

~~This brings me to, when is a chain certificate required to be built?~~

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Chain Certificates / Client SSL Profile

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Update your DevCentral user profile

Enhance your Application Security using Client-side signals

List of client ssl profiles certificate chain

Client Certificate Verification using Request

Extended X509 Certificate Parsing

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS