Forum Discussion

Nimbostratus

Aug 10, 2022

change ssl profile(client) by server name invoked

Hello I have a virtual server that exposes a wildcard certificate. Now I need to change the certificate when the server name changes. Example: if I contact https://site.domainA.com expose the pr...

event

security

Enes_Afsin_Al

MVP

Aug 10, 2022

Hi maurizio,

Create two client-ssl profiles. One for the wild_domainA certificate and the other for the wild_domainB certificate.
Check "Default SSL Profile for SNI" option in one of the client-ssl profiles.
Assign the client-ssl profiles to virtual server.

Default SSL Profile for SNI indicates that the system uses this profile as the default SSL profile when there is no match to the server name, or when the client provides no SNI extension support. Note that when assigning multiple SSL profiles to a single virtual server, you can enable this setting on one Client SSL profile only and on one Server SSL profile only. The default for this setting is unchecked.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

change ssl profile(client) by server name invoked

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

Managing iRules configuration

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

GRE Tunnel Issue

Related Content

SSL Profiles Part 8: Client Authentication

Client SSL Profile

Client vs Server SSL profile

TLS Fingerprinting to profile SSL/TLS clients without decryption

About client profile (apm-forwarding-client-tcp)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS