Solved
Forum Discussion
TeemuK
Altostratus
Hello and thanks!
What if i also need to add matchtosni value (server name)?
Amine_Kadimi
Nov 27, 2022MVP
Yes you can. Example here: https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/declarations/tls-encryption.html#using-matchtosni-with-a-tls-server-profile
...
"webtls": {
"class": "TLS_Server",
"certificates": [{
"matchToSNI": "wwww.domain.com",
"certificate": "webcert1"
},
{
"certificate": "webcert2"
}]
},
...
- TeemuKDec 07, 2022Altostratus
But that adds a default SNI option also. I can not have many ssl client profiles in one virtual server. with all as default sni profiles. How should this be solved with AS3?
-teemu
- Amine_KadimiDec 07, 2022MVP
A default ssl profile is mandatory to accomdate the case when the server name does not match or when the client does not support SNI. This is by design