Forum Discussion

Nimbostratus

May 12, 2010

SSL Certificate on F5 VIP and Real

All, I have the following requirement: I have a VIP with a Verisign certificate configured on it. The VIP listens on port 443, and the Reals/Members listen on port 443. It has been...

config

design

Hamish

Cirrocumulus

May 12, 2010

The minimum on the F5 side is to add server_ssl to the VS so that it will negotiate the SSL/TLS when it connects to the servers. That should work as it is. If you require any options on the server_ssl then create a new server ssl profile, using the server_ssl as a parent and just over-ride the changes in the new profile configuration (Then add the new profile to the VS).

If you already have a custom server ssl profile on your VS then you MAY need to alter it, depending on what is set. But the default one should work fine.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Certificate on F5 VIP and Real

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Geo location update

Help with an iRule to disconnect active connections to Pool Members that are "offline"

block a specific user

ASM/AWAF declarative policy

OOB Security Notification — Why you should patch NGINX Plus/Open Source now

Related Content

Updating SSL Certificates on BIG-IP using REST API

Automating Certificate Management on F5 BIG-IP

Implementing SSL Orchestrator - Certificate Considerations

Certificate Automation for BIG-IP using CyberArk Certificate Manager, Self-Hosted

SSL Certificate Report

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS