I have question. We have plan to migrate web app which have 2 different type authentication. One is with without cerificate and secont autentication is with certificate. I did custom client SSL profile and work only for first solution (without certificate) and with certificate it doesn't works. For server certification I use default server profile (server ssl). I also try to use CCCD solution but I get error: SSL Handshake failed for TCP X.X.X.X:4589 -> VIP:443 and customer has also problem with client which didn't use client certificate for authentication. I use one VIP and one pool member.
Janez, the clientssl profile would be very useful, as would be some clarifications on what you are trying to achieve. For example, are you looking for "client certificate authentication" if so have you configured the "client authentication" section of the clientssl profile? Does the application require the f5 to present a certificate to the application server, if so you'd need to add the Certificate in the "configuration" section. If the application needs to authenticate the client directly, then this setup might break that, and you would need to implement Proxy SSL. See ClientSSL Profile and ServerSSL Profile
