Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Cynthia_18735's avatar
Cynthia_18735
Icon for Nimbostratus rankNimbostratus
Apr 17, 2008

Self-signed certificate in a Redirect

I have a virtual server setup to receive SSL traffic. The virtual server has a CLIENTSSL profile on it, with a self-signed SSL certificate. The virtual servers only purpose is to do a redirect. So...
config
design
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Apr 17, 2008
If the browser is configured to generate an alert when the requested hostname doesn't match the subject of the SSL certificate a site presents, then I could see that it would work in IE. However, with default settings in IE, you should see the mismatched certificate warning. By design of SSL certificates there isn't a way to configure a web server to prevent the client from 'seeing' that the cert isn't valid. You'd need to get a certificate which is valid for the host name that the client requests, or change the browser settings for each client.

 

 

I'm not sure if it's feasible for you to do, but if you could have the clients make the first request to http://urlname.com (instead of https://urlname.com), you could avoid the cert mismatch issue.

 

 

Aaron