F5 Big-IP Trust Internal CA Chain certificates for Web Servers
Great day F5 Friends, Currently, we use a wildcard certificate on all of our web servers which requires us to replace it when the certificate is expired. The Big-IP isn't configured to "only" trust this certificate on these servers which is less secure. Where I would like assistance in is how to configure my Big-IP's to trust only our internal CA for those pools. *NOTE: I will configure GPO to auto-enroll the web servers for SSL certs and bind to IIS. Is it as simple as uploading the Chain cert to the Big-IP and then create a server ssl profile pointing to that Chain cert and adding the profile to the VS? Thanks for your time and energy in this. Sincerely, Paul Courtois
