san
5 Topicsmulti-domain with client-ssl profile set using SNI option
Hello, Currently, we are using SNI successfully, with single certificates. Now, we have a requirements which I don't know how to address : using multi-domains certificates (SAN) So, i have my default SNI multi-domain, which is easy to set, how can I set secondary SNI option? How can I configurred the server-name parameter with the extra URL inside the second multi-domain cert? VIP default SNI - multi-domain.cert second SNI cert - multi-domain2 server-name = ????? third SNI cert - multi-domain3 server-name = ????? thank you and be safe JSolved869Views0likes1CommentAuthentication name in server ssl profile and SAN field
Hello In a SSL server profile, the FQDN name in the field 'Authenticate Name' is compare only to the CN field of the certificate ? Or the SAN (Subject Alternative Names) field of the certificate is also compared ? We have exchanges with a company actually presenting a certificate " *.company.com ". So actually, we authenticate the server with " *.company.com " in the Authenticate Name field of the SSL server profile. They will soon modify their certificate with CN " company.com " and put " *.company.com " in the SAN part of the certificate. How the SSL server profile will handle this ? SSL will fail because the CN of the certificate is not equal to the Authenticate Name field in the profile ? Or SSL will be ok because the SAN field handle a name equal to the Authenticate Name field of the profile ? Thank you. Fred326Views0likes1CommentHow can I configure Server SSL Profiles to connect to different URLs on the same server?
Hi, We have a web server which has two sites published on it via a single Virtual Server on the BIG-IP: site1.domain.uk site2.domain.uk Our security policy dictates that we must encrypt the connections between the user and the BIG-IP and between the BIG-IP and the web server. We initially purchased a SAN certificate with site1.domain.uk and site2.domain.uk on it (site1.domain.uk is the default name). We have tried various methods of getting the end to end connectivity working with a user connecting using both URLs but all have failed. Can anyone provide any guidance on how to achieve this?Solved2.1KViews0likes19CommentsSAN Certificate Troubleshooting
Hello, I have a SAN Certificate and installed to BIG IP TL2000.The certificate was imported as pfx but i also tried to convert and installed as .pem file to BIG IP. The problem is i can not use the Client SSL profile for this certificate. The certificate has 3 sundomains as 1.xyz.com,2.xyz.com,3.xyz.com Any help appreciated. Thank You207Views0likes1Commentcharacter limit f5 subject alternative name
Guys I am having issue creating .csr in f5. Do we have limit on character for Subject Alternative names? we have 1111 characters including spaces on Subject alternative name however it has an error " error occurred while processing your request". But when I delete few domains about 2 it was successful :( Please help Thanks435Views0likes5Comments