For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

F599's avatar
F599
Icon for Nimbostratus rankNimbostratus
Feb 04, 2025

Problem with self-signed certificate

We have a self-signed certificate on a Back End server. However, this certificate is not secure. I need F5 to ignore the untrusted certificate and apply a certificate that I configured in the SSL p...
announcement
application delivery
Mayur_Sutare's avatar
Mayur_Sutare
Icon for MVP rankMVP
Feb 06, 2025

Hi F599 

If you need F5 to present the certificate you want to the client, you need to map certificate under client-ssl profile as client-ssl profile is responsible for managing SSL handshakes between client and the F5 vServer.

 

If you have self-signed certificate on the server side then that should not be the problem. As it will be use for SSL handshake between F5 vServer and the backend server. This will be done based on the server-ssl profile.

So basically, you need to properly configure client-ssl and server-ssl profiles to handle respective SSL transactions properly. Once both profiles are configured, map them on the desired vServer. 

 

If you do not apply any SSL profile to the vServer, that will act as SSL passthrough on the F5. In this case, F5 will not handle SSL handshakes and client will receive certificate configured on the backend servers.

 

Refer this for more details on it.

Hope it helps!