Forum Discussion
Kevin_Stewart
Employee
Can you elaborate? Under normal conditions there would not be a client SSL profile applied to the internal target virtual server. The "virtual" command is the "VIP target" function to pass traffic between VIPs on the same box. The target VIP is typically of type "internal" (but doesn't have to be), and would not be performing any decryption (that happens at the external VIP).
danA
Sep 01, 2022Altostratus
In this situation, there is an iRule on the target VIP which has an HTTP_REQUEST event defined. Per https://support.f5.com/csp/article/K95905533, it needs (and has) a client SSL profile. I'm trying to understand how the cert attached to the client SSL profile is (or is not) validated.