ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
How does the SSLV determine which Certificate Authority to use when multiple versions are present?
Article ID: 168807
Updated On:
Products
SSL Visibility Appliance Software
Issue/Introduction
How does the SSL Visibility appliance determine which Certificate Authority to use when multiple versions are present in the External Certificate Authorities?
Resolution
The SSL Visibility's validation engine rebuilds the server certificate chain prior to validation, starting from the bottom of the chain towards the root Certificate Authority (CA). It uses the X.509 extensions to inform the algorithm which CA certificate is next. If a server certificate chain has been signed with a new CA and the SSL Visibility external CAs also has an old version of that CA, the rebuilding algorithm will pick the new CA to use.
Feedback
Yes
No
Powered by
