server SSL Profile setting

Question

In the Server SSL profile we have under&nbsp;The&nbsp;Server Authentication&nbsp;section of the Server SSL profile ( server certificate )and the default action is ignore, my question here is what is mean&nbsp; ignore,&nbsp; is the F5 will ignore any certificate installed on web server ,

alanmoen · Answer

It means that the LTM client will not check the validity of the server cert, just that it's there. It won't break things if the cert expires, for example.

alanmoen · Answer

Yes. I found this by accident when one of my AD teams let their server certs expire but the LTM kept chugging along. I'm kinda surprised it's the default setting and I've changed that in my environment for security reasons.

jrahm · Answer

AlanMoen&nbsp;is correct here, just adding the references for others to the Server SSL Profile details covered in knowledge article K14806.

amr_ali · Answer

Do you mean her when the LTM acts as a client during the connection between it and the back-end web server, it accepts any certificate sent from the server even if expired

Forum Discussion

server SSL Profile setting

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

ASM Attack Signature Sets

Set Protocol Profile (Server) And HTTP Profile (Server) via the SDK

Setting default route using VLANs

HTTPS communication and client and server ssl profile

Radius server settings

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS