What certificate to load into the load balancer?

Say that you have a company foo.com with a division yoo.foo.com. The file
that gets uploaded to authenticate traffic to vServer my.yoo.foo.com..
should that be just the server certificate (the .star.yoo.hoo.foo.cer) ?
Or should you load the star.yoo.hoo.CA.Chain.cer? Or the star.yoo.hoo.Intermediate.cer?
Or the star.yoo.hoo.CA.Root.cer?

The issue is one of our partners is seeing this error:

Verify return code: 21 (unable to verify the first certificate)

The environment is VMWare NSX Load Balancer. Thank you.

The certificate directory has all these difference parts of the cert chain
and I don't want to load up too many or too few - and I want the errors
to go away.

When running a test against our web site. Thank you.
LVL 1
amigan_99Network EngineerAsked:
Who is Participating?
 
MichelangeloConnect With a Mentor ConsultantCommented:
you have to put the whole certificate chain in reverse order
certificate
intermediate
root
Also you have to import the private key used in the CSR generation in case the CSR has not been made by NSX.
Instruction here
https://kb.vmware.com/s/article/2113945
0
 
amigan_99Network EngineerAuthor Commented:
Wow - that's awesome. Thank you.
0
 
MichelangeloConsultantCommented:
Glad to help!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.