For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

maurizio's avatar
maurizio
Icon for Nimbostratus rankNimbostratus
Aug 10, 2022

change ssl profile(client) by server name invoked

Hello I have a virtual server that exposes a wildcard certificate. Now I need to change the certificate when the server name changes. Example: if I contact https://site.domainA.com expose the pr...
event
security
Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP
Aug 10, 2022

Hi maurizio,

  • Create two client-ssl profiles. One for the wild_domainA certificate and the other for the wild_domainB certificate.
  • Check "Default SSL Profile for SNI" option in one of the client-ssl profiles.
  • Assign the client-ssl profiles to virtual server.

Default SSL Profile for SNI indicates that the system uses this profile as the default SSL profile when there is no match to the server name, or when the client provides no SNI extension support. Note that when assigning multiple SSL profiles to a single virtual server, you can enable this setting on one Client SSL profile only and on one Server SSL profile only. The default for this setting is unchecked.