Forum Discussion

Cirrus

Jul 29, 2016

How to properly create Intermediate SSL Certificate

Hello all. I believe this should be an easy question but i need some guidance. I am publishing Skype for Business reverse proxy services with a Big IP and I am using the iApp to do so. I can get my m...

Employee

Jul 29, 2016

The next thing you'll want to do is actually perform a cryptographic verification of the chain. You'll need two files:

The web server certificate used in your client SSL profile
A bundle file containing all of the CAs used in your client SSL profile chain. If the root CA is not in that chain (it shouldn't be), add that to the test bundle file

From the BIG-IP command line, or any *NIX system that has OpenSSL:

openssl verify -verbose -CAfile [bundle file] [web server cert]

You want to see something like this:

[web server cert]: OK

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

How to properly create Intermediate SSL Certificate

Recent Discussions

NAT for specific IPs

Upgrading BIGIP 2000S to R2600

TS Declarations for DNS

how to view list os client support via cli

automatic learning logs/report ?

Related Content

Intermediate iRules: Data-Groups

Intermediate iRules: Handling Strings

Intermediate iRules: Handling Lists

Intermediate iRules: Iteration

Automating ACMEv2 Certificate Management on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS