For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

DaZZa's avatar
DaZZa
Icon for Nimbostratus rankNimbostratus
Sep 03, 2013

Adding Microsoft internal CA as a trusted signer.

Hello.   Apologuies if this is in the wrong place, or inappropriate - but I'm reaching the end of my Google-fu and am not able to find an answer.   My company is implementing MS-Lync, and I nee...
deployment
management
microsoft
security
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Sep 04, 2013

The server SSL profile doesn't generally care about, or rather is configured by default to not be concerned with establishing trust with the internal application. You can usually apply the built-in serverssl profile, and as long as there are no unusual SSL requirements on the server, then the server SSL profile will ignore validation and trust issues.

 

In any case, the BIG-IP can import certificates in either p12 or PEM/base64 format, so it should be relatively easy to export the CA's public certificate, import it to the BIG-IP, and then apply it to the server SSL profile.

 

Do you have a special requirement to build this server side trust?