svs
Jun 04, 2018

Client Certificate Authentication with CA-Bundle

Hi,

 

I would like to configure client certificate authentication using a Client SSL Profile. This works as expected, but I need to configure multiple Trusted/Advertised CA certificates. As TMOS 13.x has the ability to configure CA-bundles, I thought this might be the best way to configure several CA certificates without importing a PEM file containing multiple CA certificates.

 

In the SSL client profile configuration, I can select a CA-bundle. Unfortunately, my custom CA-bundle does not appear in the list, although another custom CA-bundle does appear in the list. After several hours of researching and testing, I'm not able to find out how to get my custom CA-bundle assigned to the SSL client profile.

 

Any ideas what might be the reason that the CA-bundle doesn't appear in the list?

 

Thanks for any thoughts.

 

Cheers,

 

svs

 

2 Replies

  • The system will show it in the SSL certificate list as a certificate if it contains only one certificate, or as a bundle if it contains 2 or more certificates. Anyway, the full list (both certificates and bundles) is available for you in the chain dropdown list.

     

  • Hi,

     

    Normally it must appear...

     

    You can try this:

     

    • Create a certificate with only one CA; suppose you call it bundle-ca.
    • Set it in your SSL client profile (Trusted/Advertised).
    • Once configured, modify your bundle-ca with one cert, adding all the other certificates...

    This way it must work. Otherwise it's another problem that you have!!!

     

    Keep me in touch