Forum Discussion

mhd90_359601's avatar
mhd90_359601
Icon for Nimbostratus rankNimbostratus
Apr 24, 2018

certbundle with two roots for an intermediate

hi, i have a cert bundle with and intermediate cert that can be traced to two different root certs? f5 is rejecting the client cert for authentication. question is, can having two roots be a cause of this problem?

 

2 Replies

  • The intermediate will only go to one Root Certificate. The Clients Certificate path will give the Intermediate and Root. The Root and Intermediate can...be named the same, but belong to a different Root Certificate. 1. Open client Certificate)

     

    2. Click on the Intermediate "View Certificate" -> "Detail" tab -> Verify the Intermediate in the Cert bundle by the "Public Key hash" or "Thumbprint"

     

    The numbers will match the users Intermediate and it will match the certificate in the cert bundle.

     

    To view the Certificate in the Cert bundle: Copy one of the hashes to notepad and save it as .crt (Windows) -Perform Step 2 above.

     

  • I agree with Shaun on fixing it, if it can be the cause of it not working, kinda doubt it. you can have multiple root certs to allow clients from different chains, so why would it fail now.

     

    but try fixing and see what happens, do report back please.