How to properly create Intermediate SSL Certificate
Hello all. I believe this should be an easy question but i need some guidance. I am publishing Skype for Business reverse proxy services with a Big IP and I am using the iApp to do so. I can get my mobile clients to connect and sign in through the reverse proxy and I can do a lot of what needs to happen, but sometimes I can't connect to calls on my phone and when I run into the issue I also simultaneously get a certificate warning stating that the Godaddy certificate that i purchased and set up on my reverse proxy could not be verified. This is making me think that I set this up wrong somewhere.
So what I did was I exported the certificate as a .pfx from my Edge server with it's private key and imported it to my F5 unit where I imported it as:
Import Type: PKCS 12 (IIS) Certificate Name: Skype_Public Certificate Source: PFX I exported Password: ********** Key Security: Normal
Then for the chain certificate I imported the godaddy bundle (labeled gd_bundle-g2-g1). There is also a PKCS7 certificate labeled as gd-g2_iis_intermediates but i couldn't get it imported into the Big IP and i was fairly confident it needed the bundle anyway. I imported the bundle as follows:
Import Type: Certificate Certificate Name: Skype_Public_Bundle Certificate Source: gd_bundle-g2-g1
Then in the iApp i just went and set it to create a new client ssl profile and used the Skype_Public-PFX.crt as the ssl certificate and used Skype_Public_PFX.key as they Key. Finally I used the Skype_Public_Bundle.crt as my intermediate cert, fired up the iApp, and could sign in with my phone. But i got the above errors so I am thinking I dropped the ball somewhere as i am relatively inexperienced with SSL certificates.