Forum Discussion
Nimbostratuscan we have two SSL certificates attached to VIP - one is internal CA and other on is external CA
I have VIP which is configured to have ssl offloading on F5 VIP. I have multiple URL's accessing same VIP with different back end server.
i.e., the request are being send to back end pool based host name via i-rule. Wanted to know if i can apply one external CA cert for one URL and internal certificate for other URL on VIP ?
example : URL1 - abc.com
URL2 - xyz.com -
VIP: 10.10.10.10
pool1 - abc
pool2 - xyz
SSL - client-ssl_abc & client_ssl_xyz
vaibhavCirrostratus
why not get a SAN cert ?
T_Rajneeshhere, i'm not taking about SAN name added to certificate.. One is external CA with one SAN name and one is internal CA with other SAN name.. can these two be applied on single VIP
- vaibhav
- Mayur_Sutare
MVP
Yes you can bind multiple client SSL profiles on same VIP and each client profile can have different certificates (public CA/internal). Just before binding multiple client SSL profiles on single VIP, you need to define one of the profile as a default/fallback SSL profile. You can define one of the client SSL profile as a default/fallback SSL by checking option Default SSL Profile for SNI under Client SSL profile advance settings.
With this, you should be good.
