For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Altostratus rank

Altostratus

Jan 01, 2018

2 URL's on same vip with wildcard certificate

Here is the existing setup. VIP and pool members listening on 443. Wild card certificate on the client ssl. In server profile "abc.com as server name. Requirement: One more URL to be added...

application delivery

Hannes_Rapp_162

Icon for Nacreous rank

Nacreous

Jan 01, 2018

If all works with

abc.com

right now, and you already terminate clientssl with

*.abc.com

certificate, no changes on BigIP LTM are required to add support for

xyx.abc.com

. They just create new DNS A record to point xyx.abc.com to same VIP as abc.com and voila!

Serverssl profile has no domain-aware significance. It is used to enable BigIP act as a SSL/TLS client so the traffic to Pool Member will be encrypted before it's forwarded downstream.

Icon for Employee rank

Employee

Jan 01, 2018

if i do not misremember, serverssl profile does not forward server name indicated from clientside to serverside. so, can you try something like this?

¬†

Modifying serverside SSL profile based on hostname for SNI (Kai Wilke's comment) https://devcentral.f5.com/s/feed/0D51T00006i7eN3SAI

¬†

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Academy at AppWorld 2026

DevCentral News

Introducing the F5 AI Assistant for BIG-IP

Technical Articles

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5