For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Erik88's avatar
Erik88
Icon for Nimbostratus rankNimbostratus
Feb 24, 2020

Does server ssl profile check a web-server certificate validity ?

Hi :)   I would like to know if a self created ssl server profile can check if some web-servers pool have valid certificate. I have a full proxy, client side works properly and server side also ...
BIG-IP
certificates
security
server-ssl-profile
ssl
NAG's avatar
NAG
Icon for Cirrostratus rankCirrostratus
Feb 24, 2020

Hi Eric,

 

It depends on what type SSL certificates your web servers are using.

 

1) if certificates are signed by a public CA, then use following option to validate the certificates.

Trusted Certificate Authorities:: Uses the ca-bundle.crt file, which contains all well-known public certificate authority (CA) certificates, for server-side processing.

 

2) if certificates are signed by a Internal CA, then import CA bundle for your internal CA including all chain certs and use it as Trusted Certificate Authority.

 

Hope this helps,

Nag