Forum Discussion

Nimbostratus

Mar 08, 2015

Client and server ssl cert location when redirecting to a second VIP (LTM)

Hi All, I have a setup using a SAN cert which holds multiple URLs pointing to a single public IP address. I plan on having traffic hit a vip and then being filtered by url to a second tier of v...

Employee

Mar 09, 2015

i understand on primary vs, san certificate on clientssl and default on serverssl. on secondary vs, default on both clientssl and serverssl.

default clientssl can be used on secondary vs because on primary vs, server certificate in default serverssl is set to ignore, so it does not ao server authentication (i.e. not checking server certificate from secondary vs).

Ignore: The Ignore setting is the default setting. The BIG-IP system ignores certificates from the server and never authenticates the server.

sol14806: Overview of the Server SSL profile (11.x)

https://support.f5.com/kb/en-us/solutions/public/14000/800/sol14806.html

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Client and server ssl cert location when redirecting to a second VIP (LTM)

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Need F5 iRules Consultant - HTTP Header Manipulation Issues

DOSl7 reset learning database voor automatic mode

Ssl profile different in case of retry

ISP link latency

WebSocket connection to 'wss://...' failed: Invalid frame header

Related Content

F5 HTTPS Redirect 2025

redirect to to 301 location

Redirect Location header validator

F5 BIG-IP Boot location

Fingerprinting TLS Clients with JA4 on F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS