Forum Discussion
Public SSL cert on F5 and Self Signed on Server
Hello Folks,
If planning to implement SSL bridging with external cert installed on F5 and backend server uses self signed, would like to know
1) Will clients get an error while accessing the website ? 2) If not, in which case will client get the error as backend server is using self signed cert
I think that clients will not get error as both side connections will be independent but just trying to understand the different scenarios.
- JustCooLpOOLeCirrocumulus
Since F5 acts as a full proxy, the client should only interact with the F5 and the server will only interact with the F5. The external cert (I'm assuming a CA cert) should be applied on the client-side SSL profile whereas your self-signed will be applied on your server-side SSL profile.
It should be that simple. Hope that helps!
1) Will clients get an error while accessing the website ? 2) If not, in which case will client get the error as backend server is using self signed cert
No, they won't. By default the F5 does not care about the validity of the server side certificate. The client and server SSL profiles are separate in the configuration. The Client profile is used against, no suprise here, the clients, and the server side profile against the server.
Since the F5 is a full proxy just like Shann_P states above the two sides are handled separately.
/Patrik
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com