For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

bsb's avatar
bsb
Icon for Nimbostratus rankNimbostratus
Feb 09, 2018

L4 forward with certificate check

scenario is User(access with certificate - self signed ) --- > LB (L4 forward) --- > Backend server with certificate (self signed)   when LB does L4 forward and when tried to connect with certifi...
LTM
security
Martijn_144688's avatar
Martijn_144688
Icon for Cirrostratus rankCirrostratus
Feb 09, 2018

Saravana,

 

Is the user authenticated with a client certificate, or do you user the F5 for SSL decprytion and encryption?

 

If you want the use the F5 to decrypt and encrypt traffic, you need a Standaard virtual server. See;

 

K12015: Configuration requirements for SSL virtual servers, profiles, pools, and monitors

 

If the client authenticates to the back-end server with a certificate and you get a invalid certificate (which is not strange with self-signed certificates), you can take a look at the root CA's on client and server.

 

Maybe you can give us more details about your setup?

 

Regards, Martijn.

 

  • bsb's avatar
    bsb
    Icon for Nimbostratus rankNimbostratus
    Feb 13, 2018

    yeah, thanks martijn