Verify Certificate is installed
Hello everyone!
I'm currently trying to set up a Machine Cert Auth in my APM VPE with the sole purpose of verifying that the computer has installed a company computer certificate.
I'm struggling to get it to work and I'm unsure which components I actually need to get it to work. I have reviewed all manual chapters I can find and browsed through DC but still not managed to get it to work.
I have the following simple policy:
With the following Machine Cert Auth Config:
Here I have tried numerous of different combinations. The one I'm presently using is this:
CN=ad-ADDS01-CA-2, DC=ad, DC=jonsson, DC=biz
I have installed the following computer cert on the computer trying to connect:
I have configured a Certificate Authority Profile with the following settings:
That is the root CA which has signed the Computer certificate.
Here is the entire chain:
The certificate is installed in the Local Machine part and I have all of the components installed for the APM to check my certs.
Yet I’m still seeing this in the log:
Apr 12 11:57:21 bigipcore02 err apmd[7363]: 0149015f:3: MachineCert Agent: Init failed in '/Common/cert_auth_test_act_machinecert_auth_ag' reason 'Loading CA file failed'
And this when debug is turned on:
Apr 12 12:32:42 bigipcore02 debug apmd[7363]: 01490266:7: (null):Common:00000000: ./AccessPolicyProcessor/SessionState.h: 'clearTempSessionAgentState()': 118: Agent did not initiated the scheduled agent
It feels that I've done everything correct according to the examples and manuals I have found.
What am I missing? =/