Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

ERR_BAD_SSL_CLIENT_AUTH_CERT

 

Information

 

Summary: When client certificates are set to required on a Service, HTTPS application doesn't work
Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any

Question/Problem Description:

When the client certificates option (under SSL properties section of the VS configuration) is set to required, the site won't prompt to select a client certificate and it errors out. When the option is set to no client certificates required, the sites loads as expected.

Steps to Reproduce:  
Error Message: ERR_BAD_SSL_CLIENT_AUTH_CERT
Defect Number:  
Enhancement Number:  
Cause: SSL certificate chain was not present on the LoadMaster
Resolution:
  • We navigated to the site without client certificates being required and downloaded the certificate chain for the SSL certificate assigned under SSL properties.
  • Then, we went ahead and installed the both the intermediate and root certificates and set the client certificates option back to required (VIP > Modify > SSL Properties > Client Certificates)
  • Once this was done, the site prompted to select the client certificate and it worked as expected.
  • You can verify the chain with a tool such as SSL Checker
Workaround:  
Notes: How to Download an Intermediate Cert From Browser
 
How To Import SSL Intermediate Certificates To Your LoadMaster

Comments