COMODO ECC Certification Authority (root CA)
|__ COMODO ECC Domain Validation Secure Server CA 2 (subordinate issuing CA)
|__ ssl310949.cloudflaressl.com (This is the server certificate with SAN's for experts-exchange.com, *.experts-exchange.com)
Open in new window
When Do You Pin?
You should pin anytime you want to be relatively certain of the remote host's identity or when operating in a hostile environment. Since one or both are almost always true, you should probably pin all the time.
A website operator can choose to either pin the root certificate public key of a particular root certificate authority, allowing only that certificate authority (and all intermediate authorities signed by its key) to issue valid certificates for the website's domain, and/or to pin the key(s) of one or more intermediate issuing certificates, or to pin the end-entity public key.
F5 box is serving the client browser as a server hence it requires the key and certificate.
IT issues often require a personalized solution. With Ask the Experts™, submit your questions to our certified professionals and receive unlimited, customized solutions that work for you.