Multiple SAN SSL certificates to a single VIP

Question

Hello ALL,
I'm working on SSL certificate installation task wherein for a sigle VIP I have to associate multiple SAN certificates and each SAN certifcate has multiple URLs.&nbsp;
for exmaple:
VIP - 10.10.10.10 has SSL cert of SSL1 and SSL2 and SSL1 has SAN name of  x.learn.com,y.learn.com and x.learn.com. And SSL 2 certificate has the SAN name of A.learn.com, B.learn.com and C.learn.com.&nbsp;
Could you please suggest how can I achive this?&nbsp;
For example if a user access x.learn.com or a.learn.com using the same VIP then it should be accessible.&nbsp;
Regards,
Thiyagu&nbsp;

youssef1 · Answer

Hi,&nbsp;
Did you check this post:
https://devcentral.f5.com/questions/client-ssl-profiles-using-sni-not-able-to-use-the-subject-alternative-name&nbsp;
It explain how you can achieve your need.&nbsp;
Response from Kevin (F5):
SNI doesn't really care about what's in the certificate, but rather what you've defined in the Server Name attribute of the client SSL profile. I haven't tried this, but thinking you could create a separate client SSL profile for each SAN name that isn't covered by the wildcard, using the same cert/key, and then apply all of those to the VIP.&nbsp;
Let me know if you need help&nbsp;

Forum Discussion

Multiple SAN SSL certificates to a single VIP

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

F5 Distributed Cloud – Multiple custom certificates for HTTP/TCP LB

Automating Certificate Management on F5 BIG-IP

single slot multiple core vs multiple slot single core

Automating ACMEv2 Certificate Management on BIG-IP

Using n8n To Orchestrate Multiple Agents

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS