Does server ssl profile check a web-server certificate validity ?
Hi :)
I would like to know if a self created ssl server profile can check if some web-servers pool have valid certificate.
I have a full proxy, client side works properly and server side also with default serverssl profile.
But now we would like to create our own server ssl profile to validate web-servers certificates (if it's ok or if it's "insecure").
In server ssl profile we configure this options:
- Server Certificate: Require
- Untrusted Certificate Response Control: Drop
The last option is "Trusted Certificate Authorities" that we have to specify CA of endpoint or a chain/bundle.
We tried to add all CA (root+intermediate+server) in a bundle but fails, also try to put (root+intermediate) in the server profile but fails again. Finally try to put only "server" CA in the server profile but fails also.
How we can accomplish this goal ?
Thanks,
Eric