Forum Discussion

Nimbostratus

Nov 26, 2019

Debugging ServerSSL Profile Setup

So I have a setup which basically is as follows: F5 LTM (terminates external https traffic) this needs to re-encrypt to a NGINX server, which is setup to passthrough traffic to a HA Proxy service wh...

Cirrocumulus

Nov 26, 2019

Neil,

Can you confirm your ServerSSL setup? See ServerSSL Overview page, To troubleshoot have you tried using the default ServerSSL profile? As mentioned in the link above, when a serverssl profile is added the bigip is acting as a client and uploading a cert means the bigip presents this as a client certificate to the pool member. From your description i'm not sure this is what you are after.

If you want to validate the certificate from the pool member then in the Server Authentication settings part you can specific the domain name of the certificate expected.

Hope this helps,

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Debugging ServerSSL Profile Setup

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Activate serverssl profile in iRule

DoS Profiles

Debugging API calls with the python sdk

Debug Client Errors

Client SSL Profile

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS