Manual Chapter : Configuring SSL with mirroring

Applies To:

BIG-IP ASM

  • 17.5.1
  • 17.5.0
back-action Connection Mirroring With Asm

Configuring SSL with mirroring

You need to create an SSL certificate and custom SSL profile for secure communications between the two mirrored devices.

  1. Enable sys db:

    • tmsh modify sys db statemirror.secure value enable
    • tmsh modify sys db statemirror.verify value enable

  2. On the Main tab, click System > Certificate Management > Traffic Certificate Management > SSL Certificate List and create a new SSL certificate.

    Standard SSL certificates are not supported for this feature.

  3. On the Main tab, click Local Traffic > Profiles > SSL > Server. The SSL Server profile list screen opens. Create a new SSL profile with the created SSL certificate and with “Cache Size” = 0.

    See the BIG-IP System: SSL Administration Guide for more information on creating a custom SSL profile.

Parent topic:Connection mirroring with ASM