Last Modified: Dec 31, 2025
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
17.5.0, 17.1.0, 16.1.2.2
Opened: Jul 11, 2022 Severity: 3-Major
When client authentication is enabled on the client SSL profile but the trusted-ca file includes only an intermediate certificate and no CA root cert to build the whole cert chain, although the TLS connection is made, as expected, there is an error message reported following. Jun 21 20:43:01 bigip warning tmm6[18125]: 01260006:4: Peer cert verify error: unable to get issuer certificate (depth 1; cert /CN=subca) Jun 21 20:43:01 bigip warning tmm6[18125]: 01260005:4: Unable to get certificate for peer cert issuer /CN=rootca
Although the TLS handshake succeeds without any issue and the connection is processed, as expected, a confusing warning is reported.
Trusted-ca includes only inter-cert and no root CA-cert is configured.
Because the connection is made, you can safely ignore this message. Note: This issue does not occur if the root CA cert is also configured in the CA-cert bundle.
None