SSL server vs client profile

This is my understanding. There is Authentication setting such as "required", "ignore", "request" where "Required" & " ignore" are mostly used. "Required" : you must put a real cert in the setting since both F5 and the client or server have to verify the CA(depending which ssl profile). "Ignored" : you don't have to put a real cert, "default" can be used as the cert/key since F5 will not verify the cert or the CA. The cert/key used in the ssl profile settings are for verification process only, not for ssl encryption/decryption purpose. The symmetric key used for encryption are generated in separate process. The key/cert are for verification to establish the SSL connection, if verification fails, the ssl connection will not be established. As to whether you need client or server SSL profile depends on your need to verify the client or the server. F5 will act as a proxy to accelerate and take the load of the authentication process and ssl encryption/decryption, rather than having the backend to do all these to each client individually if F5 is not there.