Forum Discussion
Feb 27, 2019
If you want the F5 to perform SSL server authentication, in the server-ssl profile you need to:
1) set peer-cert-mode to require
2) specify an authenticate-name (to match the common name/SAN name on the cert)
3) Specify the ca-file. This is the root CA cert corresponding to the cert installed on the server (so that the chain of trust can complete)
If you still experience issues try running an ssl dump on the F5 and post the results.