Forum Discussion

Anthony_Fornito's avatar
Apr 18, 2017

HTTPS Application Configuration

My application requires HTTPS


BIG-IP 12.1.2 Build 0.0.249 Final


Every article I see says when creating the SSL CLient Profile I would do the following:


Local Traffic -> Profiles -> SSL -> Client


Then from there I would create the client


Name the client


Then I would choose the cert and key, only problem is I do not have those options.


I have tried to create an SSL server which does have those option however still does not work


What i have


Https Virtual Server


Http pool


I have tested the F5 with a gerneric non https site and it works fine.


What am i not seeing?


  • Name
  • Parent ProfileclientSSL


  • Configuration


    • Mode
    • Certificate Key Chain
    • Ciphers
    • Options
    • Options List
    • Proxy SSL
    • Proxy SSL Passthrough
    • ModSSL Methods
    • Cache Size
    • Cache Timeout
    • Alert Timeout
    • Handshake Timeout
    • Renegotiation
    • Renegotiate Period
    • Renegotiate Size
    • Renegotiate Max Record Delay
    • Secure Renegotiation
    • Max Renegotiations
    • Max Aggregate Renegotiation
    • Server Name
    • Default SSL Profile for SNI
    • Require Peer SNI support
    • Unclean Shutdown
    • Strict Resume
    • Session Ticket
    • Session Ticket Timeout
    • Session Mirroring
    • Generic Alert
    • Non-SSL Connections
    • Allow Dynamic Record Sizing
    • Maximum Record Size
    • SSL Sign Hash
    • Peer No-renegotiate Timeout
    • Max Active Handshakes
  • Client AuthenticationCustom


    • Client Certificate
    • Frequency
    • Retain Certificate
    • Certificate Chain Traversal Depth
    • Trusted Certificate Authorities
    • Advertised Certificate Authorities
    • Certificate Revocation List (CRL)
    • Allow Expired CRL
  • SSL Forward Proxy


    • SSL Forward Proxy
    • CA Certificate
    • CA Key
    • CA Passphrase
    • Confirm CA Passphrase
    • Certificate Lifespan
    • Certificate Extensions
    • Certificate Extensions List
    • Cache Certificate by Addr-Port
    • SSL Forward Proxy Bypass
  • Figured it out, next to Certificate Key Chain you need to click add and that will give you the options.