About F5 VE External Cryptographic issue.
Hi Everyone
I refer to this guide https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ssl-administration-12-0-0/18.html in my lab.
Client -----> BIGIP-1 VE v12.1 (Crypto client) -----> BIGIP-2 VE v12.1( Crypto Server )
I used tmsh commany show crypto server have normal output at below.
Sys::Crypto Server: my_Crypto_Server
Received Packets 156 Received Bytes 6.1K Transmitted Packets 156 Transmitted Bytes 3.8K
But client web browser display common name is localhost.localdomain by Crypto client's default clientssl cert,It not by Crypto server's crypto-server-default-clientssl cert.
My understanding was that use External Crypto function and its purpose is to use the Crypto server security save and management certificate. The Crypto server is responsible for the final SSL offload function.So I think client browser dispaly certificate should be Crypto server's instead of Crypto client 's localhost.localdomain.
Do I understand correctly and How to correctly configured?
Many Thanks
D.Luo