Forum Discussion

som_86408's avatar
som_86408
Icon for Nimbostratus rankNimbostratus
Jun 04, 2018

Self Signed cert on Server and external CA cert on F5

Hi,   In a recent requirement, I have to use SSL encryption in between client to F5 and F5 to back end servers communication. I am familiar with the first one which will be served by external CA ...
application delivery
BIG-IP
LTM
server ssl profile
  • Martijn_144688's avatar
    Martijn_144688
    Jun 04, 2018

    Hi,

     

    When the backend server is using self signed certificates, you can use the serverssl-insecure-compatible SSL profile on the server side.

     

    This way, the F5 accepts the self signed certificate without the need to import anything on the F5.

     

    Regards, Martijn.

     

MvdG's avatar
MvdG
Icon for Cirrus rankCirrus

Hi,

 

When the backend server is using self signed certificates, you can use the serverssl-insecure-compatible SSL profile on the server side.

 

This way, the F5 accepts the self signed certificate without the need to import anything on the F5.

 

Regards, Martijn.

 

som_86408's avatar
som_86408
Icon for Nimbostratus rankNimbostratus
Jun 04, 2018

Thanks but as far as I know the server-insecure-compaitable ssl profile is used if weak cypher is used at the server end certificate.

 

Are you sure that this can be used at the f5 end in case of self signed certificate also? Please confirm.

 

Thanks.