Forum Discussion

Nimbostratus

Aug 10, 2022

change ssl profile(client) by server name invoked

Hello I have a virtual server that exposes a wildcard certificate. Now I need to change the certificate when the server name changes. Example: if I contact https://site.domainA.com expose the pr...

event

security

Enes_Afsin_Al

MVP

Aug 10, 2022

Hi maurizio,

Create two client-ssl profiles. One for the wild_domainA certificate and the other for the wild_domainB certificate.
Check "Default SSL Profile for SNI" option in one of the client-ssl profiles.
Assign the client-ssl profiles to virtual server.

Default SSL Profile for SNI indicates that the system uses this profile as the default SSL profile when there is no match to the server name, or when the client provides no SNI extension support. Note that when assigning multiple SSL profiles to a single virtual server, you can enable this setting on one Client SSL profile only and on one Server SSL profile only. The default for this setting is unchecked.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

change ssl profile(client) by server name invoked

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

Client SSL Profile

SSL PROFILE - How to use multiple SSL Profile Client in Virtual Server

Change admin account

An irule to validate client ID via DNS lookup using the stream profile.

Ch-ch-ch-ch-changes

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS