How make LTM trust a node's Self-Signed Cert?

Question

Hello fellow F5-Admins,&nbsp;
I'm quite lost at the moment. I was asked by our anti virus guys, if we could use SSL (https) in the backend between my LTM and their ICAP anti virus servers. Because it's backend and other more or less viable reasons, we would like to use a self-signed certificate on the ICAP-servers.&nbsp;
Testing the connection with curl -k (-k for insecure) succeeds but I guess I have to make the F5 trust the self signed cert somehow to make it work. At the moment the health monitor is still read because F5 not trusting the servers cert.&nbsp;
Where/how can I tell the F5 to ignore/accept the serf-signed cert, or how to I import it to the trusted store? Just importing the cert into the "SSL CCertificate List" does not work.&nbsp;
Cheers
Ichnafi&nbsp;

ichnafi · Answer

Well....shame on me.
It seems that the F5 does not care if the server presents a self-signed cert.
But one has to create a https monitor, not http.&nbsp;
Message to future me: think before you act.&nbsp;
Cheers
Ichnafi&nbsp;

Forum Discussion

How make LTM trust a node's Self-Signed Cert?

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Trust your CDN, but not completely

Creating device trust / trust-domain through iControl REST Call(s)

Overview of Trusted Client IP Headers in F5 Distributed Cloud Platform

Zero Trust building blocks - Machine Identity Management (MIM) and Workload Protection

Understanding Server SSL Trusted Certificate Authorities on BIG-IP