SSL certificate

Question

Hi , 
 May I please know that if you install a certificate on the F5 ltm on the client side , does it mean that you dont need any certificates on the server side at all , if you wish to send the traffic unencrypted on the server side. So are we actually saving on the certificate cost now , since the F5 needs only one cert vs like 3 certs if there were 3 servers&nbsp;
Thanks&nbsp;

dragonflymr · Answer

Hi,&nbsp;
If your are doing SSL Offload (BIG-IP is decrypting traffic from clients and send unencrypted to backend servers) then yes, only certificate you need is one for clientside SSL profile - could be one originally used by your backend server if CN or SAN fields are matching FQDN configured for your Virtual Server IP on BIG-IP.&nbsp;
Piotr&nbsp;

vadim_yakovlev_ · Answer

Exactly. In fact, if you're talking about web servers, and server-side traffic is unencrypted - that is, plain HTTP - there is simply no technology for server to present a certificate, since TLS level is absent.

Forum Discussion

SSL certificate

Recent Discussions

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

Related Content

Updating SSL Certificates on BIG-IP using REST API

Implementing SSL Orchestrator - Certificate Considerations

SSL Certificate Report

Thumbprint of the client ssl certificate

Help F5 Transform the BIG-IP Administrator Certification

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS