Certificates implementation in "SSL forward proxy client and server authentication" scenario.

If this is in fact a reverse proxy environment (external users accessing internal resources) then you DO NOT configure any forward proxy SSL settings in the SSL profiles. This is strictly for internal clients accessing remote (Internet) services. So given this, your client SSL profile needs to have the external certificate and key (verint.ext.videotron.com) applied. This should be all that you need in the client SSL profile. Again, no forward proxy SSL settings here. The client SSL profile is responsible for the client-to-F5 SSL session. To re-encrypt to the backend servers, you also apply a server SSL profile to the VIP. This profile maintains the client side of the server side SSL session. In most cases you don't have to do anything to this profile, nor does it matter what certificates you use on the servers themselves. The server SSL profile will ignore any certificate subject and/or trust mismatches.