Forum Discussion

Nimbostratus

Sep 24, 2006

About Cookie encryption

Hi I want to know encoded level of COOKIE to BIGIP6400 equipment. When attempted server’s ssl call by web server in Test pc,I want to know encoded level of Cookie in TestPC I want to co...

Cirrostratus

Sep 25, 2006

Hi,

I don't believe there is a stock way to have BIG-IP encrypt cookies without using an iRule. To use an iRule, see this example from unRuleY:

Click here

The example uses AES to perform the en/decryption. For more info on AES check here:

Click here

I believe you can use 128, 192 or 256 bit keys using the format:


[AES::key 256]

The wiki page on AES doesn't indicate you need to specify a key length (Click here) but TMM seems to expect it:

Test rule on 9.2.3:


log local0. "key: [AES::key]"

TMM error:

Sep 25 12:54:43 tmm tmm[21152]: 01220001:3: TCL error: Rule log_aes_key_rule - wrong args: should be "AES::key <128 | 192 | 256>" while executing "AES::key"

It worked when I tested [AES::key 256].

Hope this gets you started...

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

About Cookie encryption

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Why does SSLO not support ACTIVE-ACTIVE mode deployments？

Failed to set RDP launch token timeout

Horizon View iApp - Big-IP 17.5

r4600 Tenant CPU Assignment

master key file on vcmp guest HA Cluster different?

Related Content

Encrypting Cookies

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Cookie Encryption

Automate Let's Encrypt Certificates on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS