Remote OCSP and CRLDP server SSL cert checking

Question

How do you establish an LTM virtual server with 2-way SSL and remote revocation checking on the server side of a virtual server?
What is the LTM approach and the setup steps for server SSL cert checking using remote OCSP or CRLDP?
Is it similar to setting up client SSL remote OCSP and CRLDP checking? I've found lots of documentation on client SSL but nothing helpful for the server side with respect revocation checking for 2-way SSL. &nbsp;

boneyard · Answer

the server side is somewhat different, you are not receiving a client certificate but sending one (optionally) and receiving a server one. &nbsp;
specially with bigip with you probably own the server then CA check and perhaps CN is enough.&nbsp;
i did have a look at the client side ocsp and crldp stuff and if you go the irule route it seems possible to use the same commands but then in the server side events. sounds like a nice thing to try out.&nbsp;

Forum Discussion

Remote OCSP and CRLDP server SSL cert checking

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

2026 301a exam

F5OS login with admin/root failed via console

UCS Encryption Question

Related Content

BIG-IP security hardening and compliance checks

Check a Virtual Server's SSL Status

Automated backup F5 configuration to remote server

F5 remote logging server

Oracle WebLogic Server – Remote Code Execution (CVE-2020-14882)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS