F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

upendra_126737's avatar
upendra_126737
Icon for Nimbostratus rankNimbostratus
Dec 18, 2013

Bundle Certificate

I have two separate domain certificate bundle together but I can access only one domain. How I can access the other domain? My LTM 1600 version is v11.2  
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Dec 23, 2013

In short, using SNI it is possible to use multiple wildcard certs on one VIP. You must configure each client SSL profile accordingly:

 

  1. The wildcard cert and key
  2. The Server Name attribute must match the cert common name (ex. *.domain.com)
  3. In one of the profiles you must select the "Default SSL Profile for SNI"

Add both client SSL profiles to the VIP.

 

You cannot use a bundle cert in this instance, because you need a mechanism like SNI to be able to switch between the certs based on the client request. The one big caveat with SNI is that it's only supported by clients that support TLS. That's not so much an issue these days, but anyone running Windows XP and IE6 (and below) will have problems.