Forum Discussion
david_baumgart_
Jul 29, 2016Cirrus
How to properly create Intermediate SSL Certificate
Hello all. I believe this should be an easy question but i need some guidance. I am publishing Skype for Business reverse proxy services with a Big IP and I am using the iApp to do so. I can get my m...
Kevin_Stewart
Jul 29, 2016Employee
The next thing you'll want to do is actually perform a cryptographic verification of the chain. You'll need two files:
-
The web server certificate used in your client SSL profile
-
A bundle file containing all of the CAs used in your client SSL profile chain. If the root CA is not in that chain (it shouldn't be), add that to the test bundle file
From the BIG-IP command line, or any *NIX system that has OpenSSL:
openssl verify -verbose -CAfile [bundle file] [web server cert]
You want to see something like this:
[web server cert]: OK
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects