Yes, that's absolutely normal. There's two things going on:
-
You're using what appears to be the default client SSL certificate/key on the BIG-IP.
-
You're accessing the VIP with an IP address.
A browser will generally complain if:
-
The x509 subject of the certificate that is provided by the server in the SSL negotiation doesn't match what is requested (happens when you use an IP address to access the site)
-
The certificate provided by the server/VIP in the SSL negotiation is somehow invalid (expired, revoked, etc.)
-
The client cannot create an explicit trust chain from the server's certificate to the issuing CA certificate(s). These are the certificates in the browser's intermediate and trusted authority trust stores.
You'll eventually need to import a good cert/key pair to the BIG-IP and then modify the VIP's client SSL profile to use these.