SAN SSL Certificates on F5 LTM

Question

Hello,
I have a requirement to offload MS Exchange 2013 (OWA) traffic on F5 LTM. We now need to go for CA signed certificate. As per the F5 documentation LTM supports only SAN certificates not SNI. but I am confused in selecting the certificates from below link.
I want to know which certificate I should go for.
https://www.thawte.com/ssl/index.html &nbsp;
Note: we currently have two domains for which SSL offloading is needed.
www.xyz.com
mail.xyz.com&nbsp;
Regards,&nbsp;
Akhtar&nbsp;

nathe · Answer

SNI is supported from tmos v11.1 I believe. From your requirement a wildcard cert will do but you could also pick an SSL cert and then add your different names too. Which SSL cert u choose depends on whether the vs is public facing so you'd want a stronger cert e.g. SSL cert with OV.&nbsp;
Hope this helps.&nbsp;

nickf5_143239 · Answer

You can follow below solution in order to configure SNI in v11 LTM's&nbsp;
sol13452: Configuring a virtual server to serve multiple HTTPS sites using the TLS Server Name Indication feature&nbsp;
https://support.f5.com/kb/en-us/solutions/public/13000/400/sol13452.html&nbsp;

Forum Discussion

SAN SSL Certificates on F5 LTM

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

AppWorld 2024 in San Jose

Appworld 2024 -San Jose

Slack Mutual TLS Recipe: Adding X-Client-Certificate-SAN header from client certificate

SSL Certificate Report

Re: Management Certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS