Forum Discussion

Cirrus

Nov 12, 2014

Verify code 0 OK but hand shake fail.

Pleas anyone help. I created a .CSR file and gave it to client, client returned a certificate.crt which i uploaded in to F5 to take file which already have private key. I created client side ssl prof...

What_Lies_Bene1

Cirrostratus

Nov 12, 2014

Your s_client command does not include parameters for the client certificate that should be sent. You need to use the

-cert certname

parameter and specifiy the client certificate. You don't need to specify the CA file as its the server verifying the certificate.

Where IE is concerned you DO NOT need to install the private key. Also, again, you do not need to install any CA or CA bundle files unless these are required to verify the SERVER certificate.

Which version of IE please? Where are you installing the certificate, are you using the Personal tab?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Verify code 0 OK but hand shake fail.

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

F5 gtm last resort pool DNS Record problem

Errors with AS3 3.56.0 with F5 17.5.1.6

certitcate error

Layered ASM for APM login page protection

Related Content

F5 self IP TLS/SSL hand shake fail with tcp port node member

Verifying Local Traffic Policy and iRule Precedence

why the device certificate verify failed when the device certificate is not expired?

Verified Design: SSL Orchestrator with McAfee Web Gateway-Part 1

Verifying Slack Requests with Mutual TLS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS