I have basic www/https LB configuration on the ACE. in my lab was all working. now, in production, I have a problem with https connection. in sniffer output I can see after 3way handshake this:
SSLv3: Alert (Level: Fatal, description: Bad certificate)
what does it mean? I think, my SSL chain is correct (it's a certificate for the service and root certificate) - how can I verify certification chain? (analogous to CSM module).
The openssl code has a verify function which will check a certificate against a chain. The chain needs to be a concatentation of pem format certificates and your certificate also needs to be in pem format. See http://www.openssl.org/docs/apps/verify.html
C:\ACE\WIP\Myfiles>c:\openssl\bin\openssl verify -CAfile chain.pem cert_12505775
Openssl also provides for changing the format if necessary.