Cybersecurity
DevOps Cloud
IT Operations Cloud
Summary
After upgrading the Access Manager Appliance from 5.0.2 to 5.0.3 proxy service will send the server certificate only during the SSL handshake
Products
Access Manager (NAM)
Environment
Access Manager Appliance (SingleBox Solution) Version 5.0.3
Situation
Running an SSL Handshake the Server Certificate send just includes the Server Certificate but is missing any root certificates like in the example below
➤ openssl s_client -connect nam.kgast.local:443 -showcerts CONNECTED(00000004) depth=0 CN = nam.kgast.local verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 CN = nam.kgast.local verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:CN = nam.kgast.local i:OU = Organizational CA, O = NAM_TREE -----BEGIN CERTIFICATE----- MIIE7TCCA9WgAwIBAgIUJtqBlUchJuEbihY24Tpk0ERpdpAwDQYJKoZIhvcNAQEL +++ ++++++ eqZVT1sqAVl8PTeVmW+q1hU= -----END CERTIFICATE----- --- Server certificate subject=CN = nam.kgast.local issuer=OU = Organizational CA, O = NAM_TREE
Read Full Knowledge Base Article for additional certificate examples, issues and resolution.
URL Name
KM000011980