Forum Discussion

Amr_Ali's avatar
May 04, 2023

server SSL Profile setting

In the Server SSL profile we have under The Server Authentication section of the Server SSL profile ( server certificate )

and the default action is ignore, my question here is what is mean  ignore,  is the F5 will ignore any certificate installed on web server ,

4 Replies

  • It means that the LTM client will not check the validity of the server cert, just that it's there. It won't break things if the cert expires, for example.

    • Amr_Ali's avatar
      Icon for MVP rankMVP

      Do you mean her when the LTM acts as a client during the connection between it and the back-end web server, it accepts any certificate sent from the server even if expired

      • AlanMoen's avatar
        Icon for Cirrus rankCirrus

        Yes. I found this by accident when one of my AD teams let their server certs expire but the LTM kept chugging along. I'm kinda surprised it's the default setting and I've changed that in my environment for security reasons.