Forum Discussion
Stefan_Klotz_85
Cirrus
CirrusNeed help with SSL handshake failure and client certificates
Hi,
we are using a clientSSL-profile with client certificate set to require and also configured the trusted/allowed CA. When connecting to this VS with a valid client certificate we are ending up w...
Hi Ashwin,
thanks for your help, but we could solve the issue. It starts working after we configured the whole chain for the "Trusted Certificate Authorities"-option in the "Client Authentication"-section of the clientSSL-profile, where we initialy only configured the single issuer certificate from the client-certificate.
But what is still strange for us, as I already mentioned, in the other region it's still working with just the single issuer certificate (which I also thought that this is sufficient). Might this be related to some settings on the clientside? Not sure if it's important or relevant, but the client in our case is a CA API Gateway.
Thank you for some final hints!
Ciao Stefan :)
Ashwin_Venkat
Employee
EmployeeHi Stefan,
That message is an indication that a protocol couldn't be negotiated for the handshake, which doesn't apply in this case as we're well past that stage. If you have a packet capture with you, you can take a look at the alert code specified in the fatal alert packet to see which one resulted in the termination of the connection.
I'd recommend opening up a Support ticket with us, so we can take a look at this a bit more closely.