Forum Discussion

Nimbostratus

Sep 27, 2013

Two way SSL problems with APM on BIGIP

Receiving ssl_shim_vfycert:2461 when attempting two way ssl authentication. Does anyone know the underlying cause of this message or where I can find an error reference?

ssl client authentication

Kevin_Stewart

Employee

Oct 08, 2013

The message you're describing generally relates to errors in the client certificate verification process. The next step, in my opinion, should be to manually verify that the client certificate(s) do actually validate against the given CA cert(s). Upload one of the client certificates to the F5 and use the OpenSSL verify command:

[http://www.openssl.org/docs/apps/verify.html](http://www.openssl.org/docs/apps/verify.html)

Example:

openssl verify -CAfile [CA certificate] [user certificate]

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Two way SSL problems with APM on BIGIP

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

block a specific user

which virtual server will be hit?

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

APM - Portal access - Issue

F5 bot defense - false positives

Related Content

Re: BigIP Report

BigIP Report Old

Securing APIs with BigIP

Integrating the F5 BIGIP with Azure Sentinel

Upgrade F5 BIGIP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS