Forum Discussion

Nimbostratus

May 12, 2010

SSL Certificate on F5 VIP and Real

All, I have the following requirement: I have a VIP with a Verisign certificate configured on it. The VIP listens on port 443, and the Reals/Members listen on port 443. It has been...

config

design

hoolio

Cirrostratus

Jun 15, 2010

It's under the server cert section on the server SSL profile. If you change Server Certificate from the default of 'ignore' to 'require', LTM will check the start and end dates of the cert and not complete a handshake for an invalid cert. You can also configure a name to look for in the common name field of the server cert. If you want LTM to check the client cert issuer, you can configure a trusted CA cert bundle in the server SSL profile.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Certificate on F5 VIP and Real

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Why does SSLO not support ACTIVE-ACTIVE mode deployments？

Failed to set RDP launch token timeout

Horizon View iApp - Big-IP 17.5

r4600 Tenant CPU Assignment

master key file on vcmp guest HA Cluster different?

Related Content

SSL Certificate Report

Thumbprint of the client ssl certificate

Help F5 Transform the BIG-IP Administrator Certification

SSL Certificate Alerts via Email

Re: Management Certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS