—-SSL Termination (Client)
SSL Termination is the PC going to the VIP on the F5.
//Configuring CLIENT SSL Termination
- Create the CSR on the F5.
System -> File management -> SSL Certificate LIST -> Create
-> Enter the common name for the website eg www.website.com - Sign the Certificate on the CA
-Navigate to https://localhost/certsrv
3.Import the key (I had an issue) so follow the below guide.
System -> File management -> SSL Certificate LIST -> import
-Choose certificate
-> Paste the Base64 text in the textbox
-> Click finished
- Create the client profile
Local traffic -> Profiles -> SSL -> Client -> New
-Default template is fine “ClientSSL”
-Tick custom Certificate -> Choose the imported key from the CA
-Tick Custom key -> Choose the CSR that you generated on the F5. - Apply the Profile to the virtual server
Local traffic -> Virtual server -> SSL CLient PRofile -> Choose your signed Cert - Select the “HTTP” Profile for the virtual server
—-SSL Termination (Server)
SSL Termination is the F5 going to the Webserver.
//Configuring Server SSL Termination
Note: At metro I used the same certificate from the Client HTTPS termination
for the SSL Server Profile.
- Create the CSR on the F5.
System -> File management -> SSL Certificate LIST -> Create
-> Enter the common name for the website eg www.website.com - Sign the Certificate on the CA
-Navigate to https://localhost/certsrv
3.Import the key (I had an issue) so follow the below guide.
System -> File management -> SSL Certificate LIST -> import
-Choose certificate
-> Paste the Base64 text in the textbox
-> Click finished
- Create the server profile
Local traffic -> Profiles -> SSL -> server -> New
-Default template is fine “serverSSL”
-Tick custom Certificate -> Choose the imported key from the CA
-Tick Custom key -> Choose the CSR that you generated on the F5. - Apply the Profile to the virtual server
Local traffic -> Virtual server -> SSL server PRofile -> Choose your signed Cert - Select the “HTTP” Profile for the virtual server