Forum Discussion
Anderson_Castro
Nimbostratus
Oct 22, 2014
How to use a public CA on the Client Cert profile and OCSP validation a non-public end user certificate
I am using a non-public CA to validate the end user certificate by OCSP.
When I have the certificate on the Client SSL profile released by the same non-public CA that I am using for the end use...
Anderson_Castro
Nimbostratus
Oct 22, 2014
See the following settings:
ltm virtual gestores2-rj2.bnymellon.com.br-vip-443 {
    auth {
        **dreyfusbrascan_ca_profile**
    }
    destination 170.61.199.134:https
    ip-protocol tcp
    mask 255.255.255.255
    persist {
        source_addr_ {
            default yes
        }
    }
    pool gestores2-rj2.bnymellon.com.br-pool-80
    profiles {
        gestores2.bnymellon.com.br-clientssl {
            context clientside
        }
        microsoft_iis_https_http-wan-optimized-compression_shared_http { }
        tcp-custom-30min { }
    }
}
____________________________________
ltm auth profile dreyfusbrascan_ca_profile {
    configuration dreyfusbrascan_ca_cfg
    credential-source http-basic-auth
    defaults-from ssl_ocsp
    idle-timeout 5400
    rule auth_ssl_ocsp8
}
_______________________
ocsp responder DreyfusBrascanCA_CRL {
    url "http://170.61.198.73/ocsp"
    ca file "Dreyfus-ca-bundle.crt"
    ignore aia enable
    nonce disable
    validity period 3600
}
_________________
ltm profile client-ssl gestores2.bnymellon.com.br-clientssl {
    allow-non-ssl disabled
    authenticate once
    authenticate-depth 9
    ca-file intermediate-ca-bundle.crt
    cert sma.bnymellon.com.br.10152014.crt
    chain intermediate-ca-bundle.crt
    client-cert-ca Dreyfus-ca-bundle.crt
    defaults-from clientssl
    key sma.bnymellon.com.br.10152014.key
    peer-cert-mode request
    renegotiate-max-record-delay 4294967295
    renegotiate-period 3600
    renegotiation enabled
    secure-renegotiation request
    strict-resume enabled
    unclean-shutdown enabled
}
___________