Forum Discussion

Nimbostratus

Dec 05, 2017

Client SSL authentication with mutlipe trusted CAs and CRLs

Hello, we are using a client SSL profile with client authentication enabled. Now I need to add a second trusted CA and CRL. I created a second SSL profile with the new CA/CRL and tried to add it...

MVP

Dec 05, 2017

combine both CA certificates into one certificate bundle (just copy paste the base64 info into one file / text field)

for CRL it is more complicated you will have to merge those, which probably will require some scripting.

btw: similar question with some options was asked here: https://devcentral.f5.com/questions/crl-verification-in-irule

in the end you might consider setting up two virtual servers with different hostnames, will make your life easier for sure :)

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Client SSL authentication with mutlipe trusted CAs and CRLs

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Zero Trust Application Access for Federal Agencies

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

F5 BIG-IP Zero Trust with BIG-IP SSL Orchestrator

iControl REST Authentication Token Management

Trust your CDN, but not completely

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS