Javier_Somoza
Sep 18, 2017

Publishing a website with SSL using an internal certificate

Hi all

I'm using F5 BIGIP v13 as a reverse proxy to publish some websites. When publishing using SSL with a 3rd party certificate it works. But now I'm trying to publish an internal site with a certificate signed with my local CA, and there is no way to make it work.

I have created two VS. One for HTTP and another for HTTPS. Publishing the site as HTTP works: client --http--> F5 --http--> server

Publishing the same site as HTTPS does not work: client --https--> F5 --https--> server

The server responds correctly to both HTTP and HTTPS.

The certificate with the full chain (the internal CA root cert) is imported. The VS is configured with a client ssl profile with the certificate, key and chain. The VS is configured with the default serverssl profile.

Firefox shows an error: "The page you are trying to view cannot be shown because the authenticity of the received data could not be verified."

The openssl command seems to return no errors:

openssl s_client -connect 192.168.206.70:443 -cert /config/filestore/files_d/LAN_d/certificate_d/:LAN:WILDCARD_mydomain.lan.crt_160529_1 -key /config/filestore/files_d/LAN_d/certificate_key_d/:LAN:WILDCARD_mydomain.lan.key_160527_1

CONNECTED(00000003)
depth=1 DC = lan, DC = mydomain, CN = myou
verify error:num=19:self signed certificate in certificate chain
verify return:0
...
No client certificate CA names sent
...
Verify return code: 19 (self signed certificate in certificate chain)

Am I doing something wrong? What would be the correct way to configure this?

Thanks!