2-way SSL from client to F5, will this work?

Question

I want to use a self signed cert for 2 way SSL
Virtual Server has a verified Cert for a real domain, this works fine in 1 way SSL&nbsp;
I installed a Self Signed Client Certificate
I set Client Certificate to require&nbsp;
It does not appear to work, I either get a timeout or a generic SSL error&nbsp;
I have tried all the selections for Advertised Certificate Authorities non, ca-bundle, default, the SSL cert I am expecting the client to have and no luck.&nbsp;
any help?&nbsp;

nathe · Answer

Chris. Off the top of my head you need to configure Trusted Certificate Authorities. In here you need to specify the CA that the bigip trusts and can verify against when the client presents its certificate ie the CA that has signed the client cert.&nbsp;
The Advertised option is when the bigip tells the client which CAs it will accept. This is optional.&nbsp;
See if that helps.&nbsp;
N&nbsp;

Forum Discussion

2-way SSL from client to F5, will this work?

1 Reply

Recent Discussions

Advise on setting up IRULE

google autenticator broken barcode

Port Group on F5OS network setting

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Unwinding the Benefits of Investing in White Label Crypto Wallet

Related Content

2 way ssl facing pool member

2 Way SSL not working as client certificate length is 0

F5 iRUule not working

iRule based RADIUS Client Stack

iRule: how CLIENT-DATA works