Intermediate SSL certificate on server

Bullrdrnm · ‎02-Mar-2023

A programmer has asked if it is possible to install an intermediate SSL certificate on a single server behind an F5. Whatever programmatic tool he is using cannot validate the full chain, thus the need for the intermediate SSL certificate installation on this server.

I've searched and found documents on SSL certificate installation but nothing on the intermediate certificate installation using the F5.

Any response would be greatly appreciated.

Robert

Paulius · ‎02-Mar-2023

@Bullrdrnm This seems like a server administration question rather than an F5 question. At face value they can import any CA certificates into the server CA store that they would like but should absolutely be validated with the server administrators before he does it.

Mohamed_Ahmed_Kansoh · ‎04-Mar-2023

HI @Bullrdrnm ,
you Can extract the intermediate Certificate from the ( server / domain ) Certificate itself , and you can upload it to your Bigip in the same way of uploading any certificate and Key.
After importing it in your appliance , you can add it in clientssl profile which you are using and put it in the chain field.

if you need to extract the intermediate certificate , Follow the below Article :

https://support.solarwinds.com/SuccessCenter/s/article/How-to-extract-the-Root-and-intermediate-cert...

If you need to install it in Bigip Follow the below Articles :

https://my.f5.com/manage/s/article/K13302

https://www.digicert.com/kb/ssl-support/f5-big-ip.htm

if this doesn't meet your needs , you can explain more your deployment , to be able to help you.

_______________________
Regards
Mohamed Kansoh

DevCentral

Intermediate SSL certificate on server

Khoros Kudos Award 2022