2-way SSL from client to F5, will this work?

Question

I want to use a self signed cert for 2 way SSL
Virtual Server has a verified Cert for a real domain, this works fine in 1 way SSL&nbsp;
I installed a Self Signed Client Certificate
I set Client Certificate to require&nbsp;
It does not appear to work, I either get a timeout or a generic SSL error&nbsp;
I have tried all the selections for Advertised Certificate Authorities non, ca-bundle, default, the SSL cert I am expecting the client to have and no luck.&nbsp;
any help?&nbsp;

nathe · Answer

Chris. Off the top of my head you need to configure Trusted Certificate Authorities. In here you need to specify the CA that the bigip trusts and can verify against when the client presents its certificate ie the CA that has signed the client cert.&nbsp;
The Advertised option is when the bigip tells the client which CAs it will accept. This is optional.&nbsp;
See if that helps.&nbsp;
N&nbsp;

Forum Discussion

2-way SSL from client to F5, will this work?

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

irule execution error

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Show or List F5 XC Routes in the Web

Related Content

2 way ssl facing pool member

Working with MasterKeys

Fingerprinting TLS Clients with JA4 on F5 BIG-IP

How OneConnect Profile works with Cookie Persistence

2 way ssl not working with open ssl generated certificates

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS