Question about Load Balancer certificate for ISC TLS IQServices Load Balancer setup

yunhanspiiq · November 6, 2025, 4:10pm

Hello Experts,

Planning to setup ISC TLS to F5 VIP Load balancer with 2 Windows IQServices as backends, to AD. Learned that the certificate must use Load Balancer’s FQDN, then once the certificate chain issued by a CA, install/import the chain to all three parties: F5, two IQServices.

My question/confusion is: should I generate a CSR which should fully meet all TLS IQService certificate requirements such as:

image1782×652 26.4 KB

and so on except using F5 Load balancer VIP’s FQDN as common name and DNS subject alternative name? From what I have learned, I feel yes. But need to be clear. Any inputs highly appreciated. Many thanks in advance.

amit_1140 · November 6, 2025, 5:30pm

@yunhanspiiq -

Your intuition is right. generate a single CSR for the VIP FQDN that meets the IQService TLS requirements; install the issued cert+chain on both IQService nodes (same cert on both), not on F5 (for TLS passthrough).

yunhanspiiq · November 6, 2025, 7:30pm

Got it. Very clear and helpful. thanks much.

Topic		Replies	Views
How to setup IQS Servers using TLS with Load Balancer ISC Discussion and Questions identity-security-cloud	8	1266	November 12, 2024
How to setup Load Balancer Between 2 IQService Servers and 2 VA using TLS ISC Discussion and Questions webservice-connector , rules , aggregation , identity-security-cloud , provisioning , connectors	2	583	November 12, 2024
Load Balancer (Where certificate need to add ( on load balancer or application servers)) IIQ Discussion and Questions identityiq	3	113	September 14, 2024
Handling TLSconfiguraton between VAs and 2IQServices with a Load Balancer ISC Discussion and Questions identity-security-cloud	4	32	August 17, 2025
How to enable SSI on tomcat with Subject Alternative Name IIQ Discussion and Questions	1	345	July 19, 2023

Question about Load Balancer certificate for ISC TLS IQServices Load Balancer setup

Related topics