Forum Discussion
Alain_Morin_147
Nimbostratus
NimbostratusCertificates implementation in "SSL forward proxy client and server authentication" scenario.
I want to implement SSL forward proxy client and server authentication, and I am not sure how certificates are implemented. How can it be done? I mean how do I have to implement client and server cer...
Alain_Morin_147Nimbostratus
NimbostratusI followed the 11.5.0 procedure but I still have the same error. Here is my current config like posted before:
list ltm virtual VS-TESTVERINT ltm virtual VS-TESTVERINT { destination 172.29.243.27:http ip-protocol tcp mask 255.255.255.255 pool P-TESTVERINT profiles { CSSL-TESTVERINT { context clientside } SSSL-SNVERAPP { context serverside } http { } tcp { } } source 0.0.0.0/0 source-address-translation { pool VIP-TESTVERINT type snat } vlans-disabled }
list ltm profile client-ssl CSSL-TESTVERINT ltm profile client-ssl CSSL-TESTVERINT { app-service none cert-extension-includes none cert-lifespan 30 defaults-from clientssl proxy-ca-cert TESTVERINT.EXT.VIDEOTRON.COM.crt proxy-ca-key TESTVERINT.EXT.VIDEOTRON.COM.key proxy-ca-passphrase $M$Oy$plRYv/NIjd7CVO5FRnJGxA== ssl-forward-proxy enabled }
list ltm profile server-ssl SSSL-SNVERAPP ltm profile server-ssl SSSL-SNVERAPP { app-service none cert default.crt defaults-from serverssl key default.key ssl-forward-proxy enabled }