SNI and Client certificate authentication

Hi all,

it seems I'm running into the same issue, but I'm not sure if I really understand the above answers correctly.

We also have a VS with currently seven different clientSSL-profiles (and might be more in the future). One of it should be configured with Client Authentication, but if I try to enable it I get the following error message.

0107157c:3: Selected client SSL profiles do not match security policies for Virtual Server /Common/.

The default SSL profile contains a self-signed wildcard certificate and all other six profiles just have its cert-key-chain configured and the appropriate "Server Name". The chain is equal for all six "real" certificates and I also tried to include it for the default wildcard profile, but the error message is still the same.

Right now I don't see the reason for this error message and therefor don't know where to search for. And I also don't really understand if the answer from Kevin is the solution/workaround for my setup as well.

We have another VS with just one clientSSL-profile active and there Client Authentication can be enable without any issues.

By the way we are using 11.5.3

Thank you for your help or further ideas!

Ciao Stefan 🙂