Jump to content

How to add SSL Profile to Virtual Server in JSON


Cowboy Denny
 Share

Recommended Posts

This is a quick reference on how to add a client SSL Profile to your JSON script.

So you need to add a serverTLS entry like the one below which is referencing a client ssl profile further down in the JSON script

          "virtualPort": 443,
          "redirect80": false,
          "serverTLS": "app1.hosangit.corp.c.ssl.pf",
          "profileHTTP": {
            "use": "app1.hosangit.corp.http.prfl"
          },
          "pool": "app1.hosangit.corp.pool",

 

Here is where we built the profile and associate the key and cert

        "app1.hosangit.corp.443.cert": {
          "certificate": {
            "bigip": "/Common/lb-app1.hosangit.corp"
          },
          "privateKey": {
            "bigip": "/Common/lb-app1.hosangit.corp"
          },
          "class": "Certificate"
        },
        "app1.hosangit.corp.c.ssl.pf": {
          "certificates": [
            {
              "certificate": "app1.hosangit.corp.443.cert"
            }
          ],
          "ciphers": "ALL:!TLSv1:!TLSv1_1:!DHE:!SHA:!MD5:!ADH:!EXPORT:!EXP",
          "class": "TLS_Server"
        }

Many times you need to delete the ciphers line to use F5 DEFAULT ciphers.

Its really that easy.

Link to comment
Share on other sites

 Share

×
×
  • Create New...