SSL Profiles Part 3: Certificate Chain Implementation

This is part 3 in a series of articles covering the BIG-IP LTM SSL profiles. SSL Overview and Handshake SSL Certificates Certificate Chain Implementation Cipher Suites SSL Options SSL R...
Updated Mar 25, 2023
Version 2.0
LTM
security
series-the-ssl-profile
ssl
tech tip
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
Andy_Litzinger's avatar
Andy_Litzinger
Dec 13, 2010
Typically I don't think you should/need to include the Root CA in your certificate chain on your LTM. The client needs to have the root in their trusted root certificate keystore anyway so there is not much point in installing it in the LTM chain.