Forum Discussion
How to Implement 2 Way SSL in F5 LTM
Generate CSR: Login to F5 active device
Go to System ›› File Management : SSL Certificate List Click create button and update the details as mentioned below Note: In common name you need to mention FQDN name. If it is not a wildcard certificate then you need to mention as FQDN name. If it is wild card mention * before FQDN. Always select key size as 2048.
B. Download the CSR file and send to vendor
C. Vendor will provide following certificates.
Website certificate --This one you need to import . AddTrustExternalCARoot . UserTrustSAAddtrustCA . Trusted Secure Certificate Authority
D. Now import the certs as mentioned below. System ›› File Management : SSL Certificate List ›› Import
E.Key import details are mentioned below. System ›› File Management : SSL Certificate List ›› Import
Both Cert and key should be same name
Once cert, key and intermediate certs are imported we need to create SSL client profile
F.Configure new SSL certs under Client profile
Create a new profile as mentioned below
Go to Local Traffic ›› Profiles : SSL : Client In Certificate, key and chain select the files which you created Then click Add Once certificate key chain is update, click finished
Most of the times you need to update intermedaite certificate. Then you need to bundle certificates other than website certificate and import and call in SSL client profile chain section.
For Server SSL just assign default existing profile (serverssl-insecure-compatible)
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com