Forum Discussion
Nimbostratus2-way SSL and 1-way SSL on LTM
what is the difference in the configuration for two-way and one-way SSL on f5 LTM. For instance, If I have to configure 2-Way SSL between client and f5 and then 1-way between f5 and backend server for an application, how I can achieve that?
Any help is really appreciated.
Thanks in advance!
2 Replies
- Kevin_Stewart
Employee
Two-way, or "mutual" SSL is when you need to get a certificate from the client in an SSL handshake. All of this is handled inside the properties of the client SSL profile.
One-way SSL is what you traditionally see going to most HTTPS sites on the Internet, that don't challenge for a client certificate. It's one-way because only the server presents a certificate in the SSL handshake.
As the client and server SSL sessions are completely different on the F5, you can very easily do different things in each, including mutual authentication on the client side and regular one-way SSL to the backend server.
- Kevin_Stewart
so 1-way SSL on server side profile on f5 means only the server is presenting certificate?
Correct.
I think that's how we normally configure SSL on f5, right?
Correct.
Is there any f5 link on how to configure profiles for these two scenarios?
