Forum Discussion
Need help with SSL handshake failure and client certificates
- Jun 30, 2017
Hi Ashwin,
thanks for your help, but we could solve the issue. It starts working after we configured the whole chain for the "Trusted Certificate Authorities"-option in the "Client Authentication"-section of the clientSSL-profile, where we initialy only configured the single issuer certificate from the client-certificate.
But what is still strange for us, as I already mentioned, in the other region it's still working with just the single issuer certificate (which I also thought that this is sufficient). Might this be related to some settings on the clientside? Not sure if it's important or relevant, but the client in our case is a CA API Gateway.
Thank you for some final hints!
Ciao Stefan :)
Hi Ashwin,
thank you for the quick answer. The signature algorithm shouldn't be an issue as this is SHA1 with RSA. But which certificate in the SSL profile do you mean? The server certificate, the client certificate or the issuer certificate (from the client certificate)?
What I can provide in the meanwhile from the SSL debugging is this message:
ssl_hs_rxhello:7103: unsupported version (40)
Does this help or indicating in the correct direction?
Thank you!
Ciao Stefan 🙂
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com