Forum Discussion

Cirrus

May 08, 2019

Is it possible to do both 1 way AND 2 way SSL on a single VIP?

So I have a requirement to set up a vip for 2way SSL. The client connects to the site and the site serves the page. This should be simple. However, once the client connects to the site, the site d...

LTM

security

Vinit_Ajgaonkar

Nimbostratus

May 08, 2019

Hi Atoth,

Modifying the client authentication in the SSL profile can allow for the VIP to be configured as both 1-way and 2-way.

However from a security standpoint it kind of nullifies the Cert based authentication becuase even users who dont pass the auth check can get through.

Client authentication options in ClientSSL profile are as below: 1. Require(Strict and requires client cert authentication) 2. Request(Not strict for client cert authentication for the ssl session to be established) 3. Ignore(Default)

Regards, Vinit

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Is it possible to do both 1 way AND 2 way SSL on a single VIP?

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

Single Node Persistence

Single Boot Volume

Introducing the single Installation script for F5 NGINX Instance Manager

Brute Force protection for single parameter like OTP

X Forwarded For Single Header Insert

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS