Forum Discussion

Cirrostratus

Dec 15, 2011

Managing SSL Certificate Bundles

We are about changing SSL vendors, and it appears their root is already in the build-in "ca-bundle". However, their intermediates are not. I wanted to get some feedback on the right way to manage thes...

config

design

smp_86112

Cirrostratus

Dec 19, 2011

You were right, both the Root and the Intermediate certificates were in my browser. It is not clear to me whether I should include the Root certificate in the custom bundle, or just the Intermediate. So I tried to break the handshake by removing the root and intermediate from my browser (tried both IE and FF), and setting the Chain value in the Client SSL Profile to None. But when I make a connection, I don't get any error, and both the intermediate and root certificates are added automatically to my browser.

WTH? How do I break this chain? Both IE and FF want to trust both of the certificates.

Forum Discussion

Managing SSL Certificate Bundles

Recent Discussions

Outlook application issue

Why does WAF block HTTP OPTION method

Rewriting Location Header in iRule

HA Configuration (One in primary and One in DR)

Sending a trusted certificate to server

Related Content

Re: Management Certificate

Certificate Bundle Timestamp Query

Import ssl certicate bundle through iControl as user with Certificate Manager role

NGINX Management Suite API Connectivity Manager - Modern API driven Applications

Using iControl REST API to manage F5 BIG-IP Advanced Firewall Manager (AFM)