Forum Discussion

Stefan_Klotz_85's avatar
Stefan_Klotz_85
Icon for Cirrus rankCirrus
Jun 29, 2017

Need help with SSL handshake failure and client certificates

Hi, we are using a clientSSL-profile with client certificate set to require and also configured the trusted/allowed CA. When connecting to this VS with a valid client certificate we are ending up w...
client certificate
client ssl profile
LTM
security
  • Stefan_Klotz_85's avatar
    Stefan_Klotz_85
    Jun 30, 2017

    Hi Ashwin,

     

    thanks for your help, but we could solve the issue. It starts working after we configured the whole chain for the "Trusted Certificate Authorities"-option in the "Client Authentication"-section of the clientSSL-profile, where we initialy only configured the single issuer certificate from the client-certificate.

     

    But what is still strange for us, as I already mentioned, in the other region it's still working with just the single issuer certificate (which I also thought that this is sufficient). Might this be related to some settings on the clientside? Not sure if it's important or relevant, but the client in our case is a CA API Gateway.

     

    Thank you for some final hints!

     

    Ciao Stefan :)

     

Stefan_Klotz's avatar
Stefan_Klotz
Icon for Cumulonimbus rankCumulonimbus
Jun 30, 2017

Hi Ashwin,

 

does this provide you more useful information? Thank you!

 

Ciao Stefan :)