02-Sep-2022 23:42
Hello, I'm trying to define for web-services security, a client certificate client_cert issued by another self-signed certificate root_cert, under:
Security >> Options:Application Security: Advanced Configuration: Certificates Pool >> Certificate Properties
I need to paste the PEM text only for the leaf certificate (client_cert) and need to rely on having F5 trust it based on having the root_cert defined elsewhere.
The problem is whwne saving the client_cert I'm getting an error:
I tried to define the issuing certificate (root_cert) in /config/ssl/ssl.crt/ca-bundle.crt using:
But still getting the same above error.
Kindly help,
Regards,
Solved! Go to Solution.
04-Sep-2022 04:30 - edited 04-Sep-2022 04:34
It appeared that after executing the below command:
The root_cert was appended to the last line of the previously existing certificate:
-----END CERTIFICATE----- Certificate:
We had to insert a blank line between these to become as follows at which moment we could define successfully the client WSS certificate (client_cert):
-----END CERTIFICATE-----
blank_line
Certificate:
Regards,
.
04-Sep-2022 04:30 - edited 04-Sep-2022 04:34
It appeared that after executing the below command:
The root_cert was appended to the last line of the previously existing certificate:
-----END CERTIFICATE----- Certificate:
We had to insert a blank line between these to become as follows at which moment we could define successfully the client WSS certificate (client_cert):
-----END CERTIFICATE-----
blank_line
Certificate:
Regards,
.