Forum Discussion

Nimbostratus

May 12, 2010

SSL Certificate on F5 VIP and Real

All, I have the following requirement: I have a VIP with a Verisign certificate configured on it. The VIP listens on port 443, and the Reals/Members listen on port 443. It has been...

config

design

Hamish

Cirrocumulus

May 12, 2010

The minimum on the F5 side is to add server_ssl to the VS so that it will negotiate the SSL/TLS when it connects to the servers. That should work as it is. If you require any options on the server_ssl then create a new server ssl profile, using the server_ssl as a parent and just over-ride the changes in the new profile configuration (Then add the new profile to the VS).

If you already have a custom server ssl profile on your VS then you MAY need to alter it, depending on what is set. But the default one should work fine.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Certificate on F5 VIP and Real

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Why does SSLO not support ACTIVE-ACTIVE mode deployments？

Failed to set RDP launch token timeout

Horizon View iApp - Big-IP 17.5

r4600 Tenant CPU Assignment

master key file on vcmp guest HA Cluster different?

Related Content

Implementing SSL Orchestrator - Certificate Considerations

SSL Certificate Report

Understanding Server SSL Trusted Certificate Authorities on BIG-IP

Thumbprint of the client ssl certificate

How to persist 'real' IP into Kubernetes

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS