154 ServerIron ADX Security Guide
53-1002440-03
Configuring SSL on a ServerIron ADX
6
FIGURE 12 Certificate Fields
There are two steps that will ensure that the chain is correct.
1. Verify that the issuer of the server certificate matches the subject of the intermediate CA's
certificate.
2. Verify that the issuer of the intermediate CA's certificate has an entry in the client's trusted
certificates.
For the first step, you must convert the certificate chain to a readable format. From the BP
console, use the show ssl cert <cert chain name> command to convert the chain to readable
format. All certificates in the chain are displayed and every certificate must begin with the
keyword certificate.
ServerIronADX# show ssl cert *
1 :verisign128cert
2 :cert2112.pem
3 :cert2031.pem
4 :cert4030
3 :cert2031
ServerIronADX# show ssl cert verisign128cert
Certificate:
Dat Version: lu (0xlx)