Forum Discussion
SSL offloading with port 8443
If your VS is listening on 8443 you don't need to redirect.
You need to create a SSL client profile that has your SSL certificate, and chain.
https://my.f5.com/manage/s/article/K14783#2
As you do SSL offloading, your pool members don't have to do SSL anymore. Unless you want traffic between the F5 and the pool members to be encrypted also.
I have already created ssl certificate and signed with CA lets say for example ABCD CA server, and then created a ssl client profile and still not working , i used to go over the previous steps with SSL offloading for virtual server 443 and its working , is there a specific options for SSL client profile for 8443 ? because when i check the certificate in the URL https://abcd:8443 the certificate shows (Local Host ) same as before a assigne the SSL Client Profile !! its like the SSL profile not really effect the virtual server certificate .
- PauliusMar 10, 2023MVP
TMH In order to provide additional detail on why this isn't working it would be helpful to see the configuration of the virtual server and SSL client profile that is assigned to the virtual server. Purely based on the screenshot it seems like the SSL client profile being used doesn't have the trusted CA certificate in it.
- TMHMar 10, 2023Nimbostratus
What i had configured with virtual server :
Name:xxxx
Type:Standard
Source:0.0.0.0.
Destination:x.x.x.x
Port:Other 8443
Protocol:TCP
Protocol Profile(client):Tcp
Protocol Profile (Server):use client profile
SSL profile client: (name of profile ssl 8443)
SSL profile server:None
All the other options is none.
Default Persistence Profile:source_add
Fallback Persistence Profile:none
And for SSL client Profile:
Certificate key chain: i added the certificate and key and chain that I already imported in certificate list.
correct me if there's something wrong or missing .
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com