Forum Discussion
wlopez
Feb 21, 2019Cirrocumulus
The client ssl profile manages the communications between the users and the F5 virtual server. It's that side's configuration that the users will see, so you'll want a valid certificate for that profile with it's corresponding issuer certificate. On that profile the F5 plays the role of server to the users.
The server ssl profile manages the communications between the F5 and the pool members. On that profile the F5 becomes the client and the pool members act as the servers. The default serverssl profile will ignore certificate warnings (issuer, expiration, common name mismatches) by default.
Since both profiles (clientssl, serverssl) are independent from the other, you can adjust the settings to whatever scenario you're dealing with.