Forum Discussion
Client Certificate Management when using VIP targeting VIP
Hi All,
So i'm moving from a malware focused reverse proxy fronting our web service to the f5 to improve delivery.
But there is one feature i am struggling to reproduce, which is different client certificates being definded when different host names are presented.
So i have a VIP targetting VIP setup, and the cert on that front vip is doing all of the certificate management rather than the client certs on the virtual servers behind that front VIP. (looks like its designed that way, i'm sort of asking to check!)
Is there anyway way to say
IF hostname = server1.mydomain.com - assign server1.cert
IF hostname = server2.mydomain.com - assign server2.cert.
This is just how the older rev proxy we are taking out worked, but i can't find a way to reproduce this.
i can't say this is a major issue at the moment, no one has really noticed BUT i'm amazed the simple proxy we did have has this feature and the f5 can't match it! (And as per normal better it!)
Any ideas? Ta - Fletch
No but I'll give it a go in my lab Monday morning!
Not sure how it'll work with a wildcard.
95% of the systems use a wildcard, then 4-5 have there own separate cert.
It works fine. In your case, I would use the wildcard certificate as default.
If everything works as expected, please don't forget to mark my answer as resolved. Some thumbs up are also appreciated.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com