Forum Discussion
8 Replies
Sort By
- strongarm_46960Nimbostratusimpossible, since it would mean associating multiple profiles to a VIP.
- hooleylistCirrostratusI think you can concatenate multiple CA certificates in a bundle and configure the client SSL profile to use the cert bundle as the trusted client CA's option. Here is a snippet from the 9.3 config guide:
- strongarm_46960NimbostratusAs usual, Aaron is completely right, I have done this many times, you just have to copy the contents including the ===beginning=== and ===end== of each cert and past it into a single file then associate that within your profile (SSL Profile (Client)).
- Tony_Augustine_NimbostratusAaron
- hooleylistCirrostratusAre you having problems with Windows line terminators being different from Linux? Windows using CR and LF while *nix uses LF.
- strongarm_46960Nimbostratus... do
- SteveMPNimbostratusI know this is an old thread, but hoping maybe someone can chime in. I am attempting to get this working on Version 10.2.1. I was able to create the cert bundle and the key bundle, and a new profile using these bundles. I dont see any errors anywhere. But when I access the site from a browser, it seems that the browser only sees the first cert that I imported into the bundle. Is there anything else I need to do to get it show both?
- Kevin_StewartEmployeeYou can't specify multiple server certificates this way. So just that we're clear, this thread is about accepting client certificates from multiple CAs. That's accomplished by adding all of the CA public certificates to a text file and applying that to the Trusted Certificate Authorities drop down of the client SSL profile. You can optionally use this "bundle" in the Advertised Certificate Authorities drop down, or tailor it so that only specific certificate choices are shown in the client browser.