F5 GTM (DNS) & monitor mTLS endpoint

Question

Is there a way to configure a F5 GTM/DNS to have HTTPS heath monitors to send the F5 GTM device certificate by default, if the GTM monitor is requesting client certification due to the endpoint being mTLS enabled?

do not want to maintain/configure a custom client certificate to monitor mtls enabled endpoints.

f5sj_ · Answer

HTTPS health monitor for probing the virtual servers? In case you have BIG IP deployment of LTMs in the GTM you can skip monitoring but if it is a Generic host than you have 443 open between int self ip (non floating) and the server and then you can use default or custom https monitor.

grumpy_cat · Answer

Hi CCM,&nbsp;You would need to import your device cert/key into the SSL certificate list and then you'll be able to select the device cert/key to use for HTTPS health monitors.&nbsp;cert/key location:/config/httpd/conf/ssl.crt/server.crt/config/httpd/conf/ssl.key/server.key&nbsp;Kind regardsBen

Forum Discussion

F5 GTM (DNS) & monitor mTLS endpoint

Recent Discussions

SNI Sites not taking correct certificate.

How to Renew F5 Device Certificate

irule to enable http/2 acceleration

Service discovery is not happening in AS3

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

Related Content

F5 Cloud Failover Extension (CFE), private endpoints, and custom DNS

List of F5 iControl REST API Endpoints

Apache Airflow Unsafe API Endpoint

BIG-IP Next Automation: Working with the AS3 API endpoints

Using VPC Endpoints with Cloud Failover Extension

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS