I'm trying to setup WAF for exchange active sync with client authentication based on user certificates. I'm getting the following message in the WAF log:
[warn] Proxy client certificate callback: (owa.lalalala.de:443) downstream server wanted client certificate but none are configured
My question is: Wich certificate is missing where?
I have the AD-user-cert (call it a.) on the device, the CA Cert for the user cert (call it b.) - this also signes the exchange servers certs - and the VPN CA from my asg (call it c.). The WAF virtual server uses the san cert of my exchange servers (call it d.) that is signed by the CA Cert (this is b.) that is also imported as verification CA (btw. owa is working with an other 'normal' pc client).
- a. is signed by b.
- d. is signed by b.
- device has a. and b. and should trust d.
- asg has b. and d.
Any help is appreciated :-).
Regards
Manfred
This thread was automatically locked due to age.
