Forum Discussion

Cisco2F5_16233's avatar
Icon for Nimbostratus rankNimbostratus
Apr 27, 2012

Trusted Certificate Authorities

So I have an SSL profile setup with my cert and key. Also i have the Trusted CA option checked in my SSL profile going back to a file i created with alot of root and intermediate certs created with PEM formatted certs.




admin@f5dmzp:Active] ~ openssl verify -CAfile /config/ssl/ssl.crt/CertStore_X_XX_XXXX.crt /config/ssl/ssl.crt/XXX.crt


/config/ssl/ssl.crt/XXX.crt: OK


[admin@f5dmzp:Active] ~




[admin@f5dmzp:Active] ~ openssl verify -purpose sslserver -CAfile /config/ssl/ssl.crt/CertStore_X_XX_XXX.crt /config/ssl/ssl.crt/XXX.crt


/config/ssl/ssl.crt/XXX.crt: OK


[admin@f5dmzp:Active] ~











So when we have an order from a vendor come in this is what i see in my TCP DUMP



1. Client Hello



2. Server Hello,Certificate , Certificate Request, Server Hello Done,




3. Than i see some acks back and forth but i never see them sending the Certificate and , Client Key Exchange.




4. Then the connection resets







They wanted me to send my Trusted CA but none of my other vendors need that. Could this be a setting on their end they are using a SAP Server.









No RepliesBe the first to reply