Forum Discussion
Muhammad_Irfan1
Cirrus
CirrusServer and client certificate CN should match or not in client authentication
During client authentication set to require.
F5 certificate CN and Client certificate CN should match?
I uploaded CA bundle through GUI but that is not shown in
/config/file...
F5 certificate CN and Client certificate CN should match?
no, cn should not be the same because they authenticate different things (one authenticates server but the other one authenticates client).
I uploaded CA bundle through GUI but that is not shown in /config/filestore/files_d/Common_d/certificate_d
i understand it is correct. trust_certificate_d is for device trust.
nitass
Employee
Employeeis this client certificate?
4 6 0.0041 (0.0015) C>S Handshake
Certificate
ClientKeyExchange
Muhammad_Irfan1Cirrus
Cirrus[root@www:Active:In Sync] config openssl verify -verbose -CAfile CHecking.crt certs/10.50.171.9.crt
why this command is not accepted.
Getting this error
[root@www:Active:In Sync] config openssl verify -verbose -CAfile CHecking.crt certs/10.50.171.5.crt
Error loading file CHecking.crt
22072:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('CHecking.crt','r')
22072:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
22072:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check] [-engine e] cert1 cert2 ...
recognized usages:
sslclient SSL client
sslserver SSL server
nssslserver Netscape SSL server
smimesign S/MIME signing
smimeencrypt S/MIME encryption
crlsign CRL signing
any Any Purpose
ocsphelper OCSP helper
