Forum Discussion

Altocumulus

Sep 06, 2018

Intermediate and certificate checks in BIG-IP LTM

Is there a functionality in the newer code for LTM that checks the Intermediate Certificate Chain and whether it checks the compatibility to a certificate? I know the newer code checks the certificat...

Altocumulus

Sep 07, 2018

Hi, thanks Kevin, yes, I am speaking of validating the CA chain to the end certificate. For example, I apply a profile and the certificate and key match but the chain is wrong. i.e, Symantec_class_3_ev_ssl_g3 is placed but should be a _g4 CA. I know that I can check the chain via cli but I was looking for a quicker check. I have worked with Citrix Netscaler Loadbalancers previously and they will not allow you to place the incorrect chain with a cert. It will give you an error to say that the hash does not match. I am using a very old code 10.x and I would like to know if the newer codes perform such checks.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Intermediate and certificate checks in BIG-IP LTM

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Intermediate iRules: Data-Groups

Intermediate iRules: Handling Strings

Bypass certificate check

Intermediate iRules: Handling Lists

Intermediate iRules: Iteration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS