I have a configuration with VS in https, the backend server carries a certificate, I have configured standard F5 SSL profiles (client/sever), however when the client accesses VS, he has an unsecured connection message in his browser , I think the error would come from the autosigned (defautl) certificate on F5 ? , how to erase this message, it is constraining for the user.
Yes, that because of the self signed certificate, that the clients browser gets presentet. You have to deliver a propper certificate and chain for your service.
Import a propper certificate and chain on the F5
Add the certificate and chain to your client-ssl profile (under Certificate Key Chain)
Really thanks , so question , therefore, it is impossible to bypass the error message displayed on the browser without adding a certificate on the F5, is it mandatory? there is no other solution without adding the certificate on the F5, because we already have one on the backend server ?
If you don't need to terminate a SSL session on the F5 (for example to look into the http headers, manipulate content, oder do some irule shenanigans like url base loadbalaning, you don't neet to do ssl on the f5 at all.
Just use a Performance Layer (Layer 4) type for your VS and the F5 will only do Layer 4 Loadbalancing. You are then a bit of limited in things like load-balancing and persistence. Also TCP optimizations towards client and server are not possible. Keep in mind, that the VS type will handly traffic differently and you might loose some features.
