ASM ICAP support for HTTPS

Question

Hi&nbsp;&nbsp;I am interested in using the ICAP for a new service that is in development, it is critical we inspect uploaded images before they reach our storage.  However, the incoming sessions will be HTTPS based and all the documents I have seen point to HTTP.&nbsp;&nbsp;&nbsp;I am assuiming, the F5 will decrypt and forward the traffic to the ICAP server and then re-encrypt it back to the target server. So long as all the SSL certificates are in the right place.&nbsp;&nbsp;&nbsp;I have not found any documents on F5 to support this assumption, has anyone used ICAP with an HTTPS service?&nbsp;&nbsp;&nbsp;Thanks&nbsp;&nbsp;&nbsp;chung&nbsp;

hoolio · Answer

Hi Chung, 
&nbsp;  
&nbsp; I haven't tried testing this and don't have access to a lab box at the moment.  If HTTPS fails, you could probably create an HTTP virtual server on an internal VLAN.  Add a server SSL profile and a pool of the ICAP server(s).  Then point the ASM config to the HTTP virtual server. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

ASM ICAP support for HTTPS

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Failing over Virtual F5 VE to DR location using Zerto

Failing over of a Virtual F5 configuration to another location using Zerto restore process

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

Related Content

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

F5 HTTPS Redirect 2025

Multi-port support for HTTP/TCP load balancers in F5 Distributed Cloud (XC)

Support and Help for DevCentral and Offline Contact

ICAP 204 Response Frequently Asked Questions

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS