F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IP Application Security Manager: Implementations
  3. Connection mirroring with ASM
  4. Configuring SSL with mirroring
Manual Chapter : Configuring SSL with mirroring

Applies To:

Show Versions Show Versions

BIG-IP ASM

  • 21.0.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0
Manual Chapter

Configuring SSL with mirroring

You need to create an SSL certificate and custom SSL profile for secure communications between the two mirrored devices.
  1. Enable sys db:
    • tmsh modify sys db statemirror.secure value enable
    • tmsh modify sys db statemirror.verify value enable
  2. On the Main tab, click
    System
    Certificate Management
    Traffic Certificate Management
    SSL Certificate List
     and create a new SSL certificate.
    Standard SSL certificates are not supported for this feature.
  3. On the Main tab, click
    Local Traffic
    Profiles
    SSL
    Server
    . The SSL Server profile list screen opens. Create a new SSL profile with the created SSL certificate and with "Cache Size" = 0.
    See the BIG-IP System: SSL Administration Guide for more information on creating a custom SSL profile.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information