Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Icon for Cirrus rank

Cirrus

Aug 08, 2019

Connecting to invalid Server with SERVERSIDE SSL

I must be reading the documentation wrong. I am trying to ensure a connection to an external TLS server has a valid CA and a valid certificate. I have a virt with a SERVER SSL profile that sets drop ...

application delivery

Icon for Cirrus rank

Cirrus

Aug 09, 2019

I forgot to mention we are not yet on v13 (when SERVERSSL_SERVERCERT was added I believe). But forgetting the iRule for a moment, in just general LTM configuration, is there anyway to prevent the BIG-IP from connecting to the TLS server if the cert is not valid? I ask as even with drop, it still connects if the cert is expired or a bad CA. I'm wondering if those two options are just for CLIENTSSL and not SERVERSSL.

Icon for Cumulonimbus rank

Cumulonimbus

Aug 09, 2019

Will you be able to share a screenshot of the section "Server Authentication" of your server-side SSL profile?

Jonathan - March 2026 Featured Member

DevCentral News

featured member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

DevCentral News

2026 F5 DevCentral MVP Announcement

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5