Forum Discussion

Nimbostratus

Dec 05, 2017

Client SSL authentication with mutlipe trusted CAs and CRLs

Hello, we are using a client SSL profile with client authentication enabled. Now I need to add a second trusted CA and CRL. I created a second SSL profile with the new CA/CRL and tried to add it...

MVP

Dec 05, 2017

combine both CA certificates into one certificate bundle (just copy paste the base64 info into one file / text field)

for CRL it is more complicated you will have to merge those, which probably will require some scripting.

btw: similar question with some options was asked here: https://devcentral.f5.com/questions/crl-verification-in-irule

in the end you might consider setting up two virtual servers with different hostnames, will make your life easier for sure :)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Client SSL authentication with mutlipe trusted CAs and CRLs

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

Connection Rate Limit with log output

syslog over tcp and define management IP as source

Managing iRules configuration

Recommendation for Adv. Lab

Related Content

F5 BIG-IP Zero Trust Access

Zero Trust Application Access for Federal Agencies

Where SASE Ends and ADSP Begins, The Dual-Plane Zero Trust Model

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

F5 BIG-IP Zero Trust with BIG-IP SSL Orchestrator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS