Forum Discussion

Cirrus

Nov 13, 2019

Way to pass client cert through vip to the servers.

I've got a customer with a vip set up. This vip has SSL Offloading enabled with a client and serverssl profile enabled on it. He want to have it so his client cert is passed through the vip so that...

Noctilucent

Nov 18, 2019

In default scenarios, the serverssl profile which we create does not have the cert in it. The default property is none. So basically the backend server does not perform any authentication for the LTM.

In certain cases, the backend server would require authentication, so we are required to put a cert on the server ssl profile.

In your case, since the flow is like a proxy, you can get the client certificate and put it on the server ssl profile.

So when the connections flows, this client cert will be provided by LTM to the backend servers.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Way to pass client cert through vip to the servers.

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

APM URL encoding Hardening?

Trial License for F5 virtual edition in eve-ng

certitcate error

about create wide ip,

Dynamic import of data groups

Related Content

STARTTLS Server SMTP with cleartext and STARTTLS client support

Client vs Server SSL profile

F5 Distributed Cloud - Traffic Steering based on Client IP Address

F5 MCP(Model Context Protocol) Server

Client-side vs Server-side Load Balancing

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS