For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Cirrus rank

Cirrus

Aug 09, 2019

Connecting to invalid Server with SERVERSIDE SSL

I must be reading the documentation wrong. I am trying to ensure a connection to an external TLS server has a valid CA and a valid certificate. I have a virt with a SERVER SSL profile that sets drop ...

application delivery

Icon for Cirrus rank

Cirrus

Aug 09, 2019

I forgot to mention we are not yet on v13 (when SERVERSSL_SERVERCERT was added I believe). But forgetting the iRule for a moment, in just general LTM configuration, is there anyway to prevent the BIG-IP from connecting to the TLS server if the cert is not valid? I ask as even with drop, it still connects if the cert is expired or a bad CA. I'm wondering if those two options are just for CLIENTSSL and not SERVERSSL.

Icon for Cumulonimbus rank

Cumulonimbus

Aug 10, 2019

Will you be able to share a screenshot of the section "Server Authentication" of your server-side SSL profile?

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5