Forum Discussion
MOHIT_125417
Altostratus
AltostratusHow to Implement 2 Way SSL in F5 LTM
Hi Experts,
I have been given a task to implement 2 WAY SSL for one of the VIP.
Please guide me how to proceed on this in detail.
Gicu_337843
Nimbostratus
NimbostratusI received only web site certificate and chain certificate for this task - 2 way ssl. chain certificate validates the origin of the certificate. the one way ssl was configured already. Explain me please step by step how to configure 2 way ssl for my VS ip:443 only. What must I do with website certificate and chain certificate? I have configured sslclient for my virtual server, but this client was created for one way ssl. I am not able to attache more ssl client profiles to my VS.
Greetings,
The Client SSL profile has a Client Authentication section. The two important options are:
- Client Certificate (ignore/request/require)
- Trusted Certificate Authorities (the CA that signs the client certificate)
Once these are in place (usually require is chosen), the BIG-IP system will verify that the client provided certificate has been signed by the SSL profile's associated Trusted Certificate Authority.
Hope this is helpful,
Kevin