Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

F5 GTM (DNS) & monitor mTLS endpoint

CCM
Nimbostratus
Nimbostratus

‎27-May-2020 17:57

Is there a way to configure a F5 GTM/DNS to have HTTPS heath monitors to send the F5 GTM device certificate by default, if the GTM monitor is requesting client certification due to the endpoint being mTLS enabled?

 

do not want to maintain/configure a custom client certificate to monitor mtls enabled endpoints.

Labels:
0 Kudos
2 REPLIES 2

F5SJ_
Altocumulus
Altocumulus

‎27-May-2020 23:32

HTTPS health monitor for probing the virtual servers? In case you have BIG IP deployment of LTMs in the GTM you can skip monitoring but if it is a Generic host than you have 443 open between int self ip (non floating) and the server and then you can use default or custom https monitor.

0 Kudos

Grumpy_Cat
Cirrus
Cirrus

‎28-May-2020 01:56

Hi CCM,

 

You would need to import your device cert/key into the SSL certificate list and then you'll be able to select the device cert/key to use for HTTPS health monitors.

 

cert/key location:

/config/httpd/conf/ssl.crt/server.crt

/config/httpd/conf/ssl.key/server.key

 

Kind regards

Ben

0 Kudos
Copyright © 2022 Khoros, LLC