SSL Handshake error due to Enhanced key usage of client certificate
Hi,
client system: SAP ECC system connection type: RFC - type -G (HTTPS) Target system : F5 Load balancer and finally --> SAp Netweaver system. The SSL is termiated at loadbalancer. The target load-balancer has our certificate chain in its trust store. Our client SSL certificate is generated from the SAP system STRUST and signed by VeriSign Class 3 Secure Server CA - G3.
Parameters set at loadbalancer: Client Authentication --> Client Certificate == request Ciphers= DEFAULT
The load balancer rejects the connection telling below errors. local/tmm1 info tmm1[4963]: Rule client_cert_crossgate : Debug: cert_counter : 0 local/tmm1 info tmm1[4963]: Rule client_cert_crossgate : Debug: verify : 50
The reason told by the administrators are that our client certificate has multiple " Enhanced Key usage"- as given below. 1- Server Authentication (1.3.6.1.5.5.7.3.1) 2- Client Authentication (1.3.6.1.5.5.7.3.2) is this a valid reason? Is there an option to change this behavior of the load balancer, so that it accepts this type client certificates also?
regards, SRK_SAP