Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the BIG-IP?
Assume a virtual server has a ServerSSL profile. What SSL certificates are required on the BIG-IP?
When configuring a ServerSSL profile on a BIG-IP system, SSL certificates are indeed required. However, these certificates do not necessarily need to be issued by a certificate authority. Self-signed certificates or certificates generated by the organization can be used, but they must exist on the BIG-IP to allow for the decryption and encryption of SSL traffic. Therefore, the BIG-IP's SSL certificates must only exist.
A is OK. You need to associate a ssl server profile to the VS only if you want to encrypt the traffic between the virtual server and the node/s. Besides, you can use a self-signed certificate or signed by an external CA, but to encrypt traffic correctly the certficate in both ends must match.
You have to have a cert and key pair but they don't have to be issued by a cert authority. awnser is B
that is for clientSSL only
A https://community.f5.com/t5/technical-forum/ssl-server-vs-client-profile/td-p/45191