For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Muhammad_Irfan1's avatar
Muhammad_Irfan1
Icon for Cirrus rankCirrus
Nov 29, 2014
Solved

Server and client certificate CN should match or not in client authentication

During client authentication set to require.   F5 certificate CN and Client certificate CN should match?   I uploaded CA bundle through GUI but that is not shown in   /config/file...
  • nitass_89166's avatar
    nitass_89166
    Nov 29, 2014

    F5 certificate CN and Client certificate CN should match?

     

    no, cn should not be the same because they authenticate different things (one authenticates server but the other one authenticates client).

     

    I uploaded CA bundle through GUI but that is not shown in /config/filestore/files_d/Common_d/certificate_d

     

    i understand it is correct. trust_certificate_d is for device trust.

     

Muhammad_Irfan1's avatar
Muhammad_Irfan1
Icon for Cirrus rankCirrus
Dec 01, 2014

[root@www:Active:Changes Pending] certificate_d openssl verify -verbose -CAfile :Common:CHecking.crt_191817_1 :Common:Siebel-SSL-CA1.crt_191778_1 unable to load certificate 32254:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:648:Expecting: TRUSTED CERTIFICATE

 

Getting this error now