Forum Discussion
Just so that I understand you correctly, if the client will be using https://collector.api.devabcdcentral.com in curl then the server name in SNI with value "collector.api.devabcdcentral.com" should be correct, right?
Also, could you please elaborate on what you mean by "<- it MUST match both the requested server name and the server name (or a subject alt name) in the client SSL profile's assigned certificate." from you comment?
To give you a little background: The virtual server is "int_api.devabcdcentral.com_wildcard_443_dev" which handles any traffic matching *.api.devabcdcentral.com at 443. This already has an SSL Client profile (no client authentication set up) attached to it. To this I am adding a new SSL Client profile that will handle traffic intended for "collector.api.devabcdcentral.com" and this one needs a curl to present a certificate (client authentication on).
I am unable to follow point 1 from the testing suggestions because it is a shared virtual server and if I take off the original SSL client profile then it might break the existing services hosted there.