som_86408
Jun 04, 2018Nimbostratus
Self Signed cert on Server and external CA cert on F5
Hi,
In a recent requirement, I have to use SSL encryption in between client to F5 and F5 to back end servers communication. I am familiar with the first one which will be served by external CA and at the F5 end client side SSL profile will be used.
But my query is on the second one i.e. F5 to back end servers. As per the requirement self-signed certificate will be used at the back end servers.
Please clarify the below queries?
- As self-signed certificate will be used so do we need to import the server certificate and key under server SSL profile in F5?
- If yes, is there any other way around this can be done without importing the certificate in F5.
Thanks/Som
Hi,
When the backend server is using self signed certificates, you can use the serverssl-insecure-compatible SSL profile on the server side.
This way, the F5 accepts the self signed certificate without the need to import anything on the F5.
Regards, Martijn.