I've setup an API Proxy to my backend target, loaded a client certificate in a keystore, created a KeyStoreRef and deployed the setup as per the guide
When running a test I get error 503, and looking at the logs in my target backend device, I can see the connection but it is not supplying the client certificate. Anyone have any ideas if I missed anything please?
Solved! Go to Solution.
Hi,
Place the full CA chain into the keystore that is going to be used in the client side response. So
the keystore contains - client cert - intermediate cert(s) - root CA certificate
That should resolve the issue.
is the backend using a self signed cert ? If so you need to also create a truststore.
Both the server cert at the back end and the client cert I'm trying to send are EnTrust certs, so should not need a trust store.
Hi,
I am currently working on an similar issue. I will post back here my findings.
regards,
Thanks Russell, I believe from looking at my audit logs it's my issue you're looking at. 🙂
@Russell Blewitt , Answers are strictly for answers. Please use comments for feedback / queries etc. Converting it to comment. Thank you.
Hi,
Place the full CA chain into the keystore that is going to be used in the client side response. So
the keystore contains - client cert - intermediate cert(s) - root CA certificate
That should resolve the issue.
It worked a treat Russell. Thanks for all the help.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |