SccEndpointValidator
1 TopicC3D, Client Certificate passing issue
For application new requirement, we need to pass the client certificate to backend server. We enabled the C3D option on the client and server SSL profile. I created the CA certificate and key (https://support.f5.com/csp/article/K14499) and attached to Server SSL profile. The below be the client and Server SSL profile (https://support.f5.com/csp/article/K14065425) . Refer the below settings. Prerequisites: • You must have a CA-Bundle used to validate incoming client certificates. --> Used Company's Certificate Bundle • You must have a Certificate and Key for Reverse Proxy -->Current application certificate • You must have a CA Certificate and Key that has the ability to create new certificates --> Created CA certificate and key from F5 (https://support.f5.com/csp/article/K14499) But when the client try to access application, we are getting SSL handshake error. Any configuration need to correct on F5 or ? Appreciate your help on this. 021-07-12 01:34:31,510 +0000#INFO#com.sap.scc.rt#com.sap.scc.servlets.AccessControlServlet$3# #SccEndpointValidator has thrown exception for HTTPS://141.122.200.74:64801: Received fatal alert: handshake_failure javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 2021-07-12 01:34:31,510 +0000#INFO#com.sap.scc.ui#com.sap.scc.servlets.AccessControlServlet$3##Error when checking local connectivity to gatewaypp:64801 --> javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure936Views0likes5Comments