Forum Discussion

m1978_295079's avatar
m1978_295079
Icon for Nimbostratus rankNimbostratus
May 03, 2017

Ssl server profile , server authentication

Hi All, i have a situation where the F5 LTM is setup with a virtual server listening on port 80 from client, load balancing a pool listening on port 443. I have a server ssl profile with default configuration (without any certificate). I can see traffic is encrypting between f5 and pool member. Now server team wants f5 to authenticate the server, but they are not sure what sort of certificate they have to provide to me, so that i can use it in F5 server ssl profile for server authentication ? All they know they got host certificate from CA. Could anyone guide me in this regard ?

 

Thanks in advance

 

  • Common name of host certificate will be the server hostname. If you have more than one backend servers it is advisable to use domain certificate instead of host certificate.

     

    For domain certificate, common name will be the domain name registered for your application. Since all the backend servers have the same application and same domain certificate can be used at all the backend_server applications and at F5 server side ssl profile.

     

    If F5 client side is SSL port, there also you can use the same domain certificate.

     

  • Thanks for the reply Naren, i will pass this information to our server team. Now in server ssl profile i can see under server authentication , i need to enter authentication name as well and certificate...i beleive next question they will ask me how to get the authentication name ?