Adding 2 client-ssl in 1 virtual.

Question

Is there a way we can associate two client-ssl profile to one virtual? If yes then how?&nbsp;

samir_jha_52506 · Answer

You can add more then 2 SSL profile in VIP either via iRule calling or SNI setting.&nbsp;

kevin_stewart · Answer

If I may elaborate, it's the server name attribute in the client SSL profile. Presumably each client SSL profile would possess a different server certificate, with a unique subject and/or subject alt name value. By setting the server name field in each client SSL profile to match the certificate's subject name, the F5 can effectively switch between the client SSL profiles based on the Server Name Indication extension in a client's TLS Client Hello message (start of the TLS handshake).&nbsp;
You'll also need to enable the "Default for SNI" option on one of these profiles, in the event that the client does not present an SNI.&nbsp;

Forum Discussion

Adding 2 client-ssl in 1 virtual.

2 Replies

Recent Discussions

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

SSL PROFILE - How to use multiple SSL Profile Client in Virtual Server

Client SSL Profile

SSL 3.0.7 - Unsafe legacy renegotiation disabled on client side

Client vs Server SSL profile