Starting with this release, specific intermediate certificates can be assigned to Virtual Services, using controls within the SSL Options accordion in the UI. The default behavior, and the behavior in previous releases, is that all installed intermediate certificates will apply to a VS; this means that any client certificate presented that uses an intermediate certificate found on LoadMaster will be accepted and access to the VS will be granted. Once one or more intermediate certificates is selected in a VS configuration, only client certificates that have one of those specific intermediate certificates in their certificate chain will be granted access to the VS.