Forum Discussion

N_c_222725's avatar
N_c_222725
Icon for Nimbostratus rankNimbostratus
Sep 18, 2015

SAN cert bringing site down

Hi,

 

We have two sites abc.com and xyz.com on LTM. We have a SAN cert that includes both domains along with 2 more. I created an SSL profile and attached to only abc.com and both the sites went down. I tried adding that profile to both VS's but no use. Both sites came up when removed the SSL profile. Should i turn on any other settings in F5 for SAN certs to work? and i don't understand why xyz.com not working when adding ssl profile to abc.com. Thanks!

 

application delivery
LTM
security

2 Replies

Sort By
  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    Sep 19, 2015

    in principle that shouldn't happen, the BIG-IP cares little about which hostnames are inside a certificate. so there might be a chance you make a configuration error somewhere.

     

    what is the current status, do both servers have SSL profiles attached currently? is that the same SSL profile? how do you get the VS to use the SAN certificate, do you change SSL profile or do you change the cert / key inside the SSL profile?

     

    were the SAN certificate and key imported correctly?

     

    seems you double posted, you might want to delete the other question.

     

  • arpydays's avatar
    arpydays
    Icon for Nimbostratus rankNimbostratus
    Sep 21, 2015

    Hi, if you are offloading SSL then the pool will need to change to http, I assume it's currently https and you are just passing SSL straight through? Did you update the pool on the VS?