Forum Discussion

ozdemircili_696's avatar
Icon for Nimbostratus rankNimbostratus
Jan 13, 2011

SSL Certificates




Is there any way to use F5 ssl certificates to server our customers without buying a external ssl certificate?




We need to encrypt the comunication between out clients > F5 > Weblogic servers.




Thank you.


6 Replies

  • You could use a self signed cert generated on LTM or any other host in the client SSL profile. But the clients must have the root or server cert installed in their trusted certificate authority store or they'll get an untrusted cert warning.



  • Hello Oz,



    You will need to purchase them from your preferred vendor and install them directly onto the F5. From that point on the F5 will be terminating SSL requests.



    Please refer to chapter nine on the configuration guide for the instructions.






  • Hi,



    Thanks for the answers. Ill go ahead and have a look at the configuration guide.



  • Hi,



    Just one more thing I need to ask. Let me give you a quick schema of the network:




    user enters to using browser > user connects to F5 > F5 load balances the traffic between 2 weblogic servers.




    In this case DO I need to have 2 certificates for each server or with just one certificat that I will import to F5 ( will be enough?




    We need to encrypt the traffic between the client and F5 not necessarily the traffic between F5 and weblogic servers.




    Thank you.


  • Hey oz,



    You just need one SSL cert for all servers participating in the pool. This is the best part about centralizing your SSL certs onto the F5. It is easier to manage, reduces cost and it also offers a more robust environment.