Forum Discussion

Vendor_Neutral_'s avatar
Vendor_Neutral_
Icon for Nimbostratus rankNimbostratus
Apr 11, 2012

Certificate bundles and chaining

We have a "2 way" SSL setup where multiple business partners connect to the same VIP.

 

One of the new business partners uses a cert vendor where we need to chain the intermediate cert to the root cert. The root cert is already in the bundle as well as other intermediate certs from the same vendor.

 

The task at hand is this:

 

-I need to add an additional intermediate cert from the same cert vendor to this bundle and chain it to the root.

 

-This bundle contains multiple public cert vendor root and intermediate Certs.

 

 

My question is this:

 

-Where in the bundle do I put the new intermediate cert?

 

 

Thanks

 

3 Replies

  • Assuming I understand your question, in my experience I have found that it does not matter. The LTM seems to be smart enough to pick out the right ones regardless of where it is in the list.
  • Hi,

     

     

    It shouldn't matter where in the bundle you put the new cert as long as it's there. The client should check each cert in the bundle.

     

     

    Aaron
  • Hi Vendor,

     

    As you have mentioned that the root certificate is already in the bundle so now what you have to do is to import the intermediate certificate. When you have done this then you have to go to Profiles>ssl certificates>client certificate and there select advance when you will select advance you will see an option chain certificate select the custom box to enable it and then select your intermedicate certificate from the list. you may have to do the same for the server ssl certificate. once done bingo you are on the move....

     

     

    I hope this answers your question....

     

     

    Regards,