For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Jinshu's avatar
Jinshu
Icon for Cirrus rankCirrus
Nov 09, 2015

Does it require to install root Cert in F5 for server SSL?

Hi,   I am trying to configure server ssl. the pool member are listening on port 443 and i need to create SSL certficate. The vip url is myvip.mycompany.com and i have generated client SSL and ins...
design
management
security
TMOS
TMSH
nathe's avatar
nathe
Icon for Cirrocumulus rankCirrocumulus
Nov 09, 2015

Jinshu,

 

Not 100% certain of the question. But if you want to re-encrypt the data from the bigip to the backend pool member then the default serverssl profile will work. It will use the certificate/key on the pool member to encrypt the traffic. This default profile doesn't care about the name of the cert as it doesn't do that type of checking (check the server authentication section of the profile and you'll see "Server Certificate" is set to ignore. If you want to check the certificate supplied by the web server you can do by specifying the above setting is require and then referencing the "Trusted Cerificate Authorities" section.

 

Is that what you mean?

 

N