How to use two SSL-Certificates (a Wildcard and a EV) on the same virtual server IP

Question

Hi everyone&nbsp;
We have a case with a virtual server, on which we have to use two SSL-Certificates on the same IP. Usually it isn't a problem, we use on a virtual server four different wildcard-certificates with SNI and it works perfectly. But in this special case, we should use a wildcard and a extended validation certificate. And to make it more difficult, the main domain on both certificates are the same.&nbsp;
To explain that, we use a *.example.com for different requests like test1.example.com, test2.example.com and so on. But now we have to use a extended validation certificate only for . To set the ev-certificate as the default certificate for SNI wasn't successful. I assume, that the wildcard-certificate "overrides" the ev-certificate. If both certificates are used, only the the wildcard-certificate shows up at . If I use only the ev-certificate, it works fine. But the other subdomains won't work anymore as expected.&nbsp;
Now I'm not sure if it is possible to use those two certificates with SNI at all? We use a BIG-IP 11.6.1 Build 2.0.338. Any help would be very appreciated.&nbsp;
Many thanks in advance!
Marco&nbsp;

stanislas_piro2 · Answer

If it is not possible with SNI in ClientSSL profile, there is the old method using an irule&nbsp;

Forum Discussion

How to use two SSL-Certificates (a Wildcard and a EV) on the same virtual server IP

1 Reply

Recent Discussions

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Related Content

Thumbprint of the client ssl certificate

Implementing SSL Orchestrator - Certificate Considerations

SSL Certificate Report

SSL Client Certification Alert 46 Unknown CA

Understanding Server SSL Trusted Certificate Authorities on BIG-IP