Forum Discussion

Anthony_Fornito's avatar
Apr 18, 2017
Solved

HTTPS Application Configuration

My application requires HTTPS

 

BIG-IP 12.1.2 Build 0.0.249 Final

 

Every article I see says when creating the SSL CLient Profile I would do the following:

 

Local Traffic -> Profiles -> SSL -> Client

 

Then from there I would create the client

 

Name the client

 

Then I would choose the cert and key, only problem is I do not have those options.

 

I have tried to create an SSL server which does have those option however still does not work

 

What i have

 

Https Virtual Server

 

Http pool

 

I have tested the F5 with a gerneric non https site and it works fine.

 

What am i not seeing?

 

  • Name
  • Parent ProfileclientSSL

     

  • Configuration

     

    • Mode
    • Certificate Key Chain
    • Ciphers
    • Options
    • Options List
    • Proxy SSL
    • Proxy SSL Passthrough
    • ModSSL Methods
    • Cache Size
    • Cache Timeout
    • Alert Timeout
    • Handshake Timeout
    • Renegotiation
    • Renegotiate Period
    • Renegotiate Size
    • Renegotiate Max Record Delay
    • Secure Renegotiation
    • Max Renegotiations
    • Max Aggregate Renegotiation
    • Server Name
    • Default SSL Profile for SNI
    • Require Peer SNI support
    • Unclean Shutdown
    • Strict Resume
    • Session Ticket
    • Session Ticket Timeout
    • Session Mirroring
    • Generic Alert
    • Non-SSL Connections
    • Allow Dynamic Record Sizing
    • Maximum Record Size
    • SSL Sign Hash
    • Peer No-renegotiate Timeout
    • Max Active Handshakes
  • Client AuthenticationCustom

     

    • Client Certificate
    • Frequency
    • Retain Certificate
    • Certificate Chain Traversal Depth
    • Trusted Certificate Authorities
    • Advertised Certificate Authorities
    • Certificate Revocation List (CRL)
    • Allow Expired CRL
  • SSL Forward Proxy

     

    • SSL Forward Proxy
    • CA Certificate
    • CA Key
    • CA Passphrase
    • Confirm CA Passphrase
    • Certificate Lifespan
    • Certificate Extensions
    • Certificate Extensions List
    • Cache Certificate by Addr-Port
    • SSL Forward Proxy Bypass
  • Figured it out, next to Certificate Key Chain you need to click add and that will give you the options.