Forum Discussion
NimbostratusSSL certificate for specific websites
Hi Experts,
I have a backend webserver on which multiple websites are hosted (say 10) and this webserver is behind particular Virtual Server IP of F5 LTM. There is a requirement to configured the SSL Client certificate for 4 websites (out of 10) . Kindly let me know if it is possible to do the same without hampering the traffic for websites which donot require certificate .
Regards,
Ankur
5 Replies
- Kevin_Stewart
Employee
Are you talking about passing the client certificate to the backend web server, or performing client certificate auth at the F5 VIP?
Ankur_5273Hi Kevin
I am talking about Public SSL certificate (Thawte , Verisign) which is applied to the websites i.e certificate applied to client SSL Profile of a VS.
Regards,
Ankur
- Kevin_Stewart
You mentioned "client certificate", so I assumed you were talking about clients presenting certificates to the VIP or web server. So you have 10 websites behind a single VIP? How do you load balance those? Are you doing SSL now?
- Ankur_5273
Hi Kevin
Yes it is external world traffic hitting F5 VIP and presenting certificate to VIP (SSL Profile (Client) being applied to the VS) . There are 2 backend physical web servers (both identical) which are pool members of this VS and no irule is present on this Virtual Server.The web/app admin are hosting different websites on the web server and distinguishing them at the web server level .
Regards,
Ankur
Samir_Jha_52506Noctilucent
Correct me here. As per log history, it seems you have one VIP where 10 applications are configured. And you wanted to terminated SSL for 4 website(out of 10). If Yes? Then you need to use iRule. Let me know if you need irule.
