Forum Discussion
BIG ASM - WAF for https applications
The inspection will still work if the cert is out of date.
You'll have just lost your trust between browser and the f5 VIP. So you'll need to get through the client trust fail safes for it to work at all, but the waf will still work if the site comes up.
- suraj11Nov 27, 2023Nimbostratus
Hi Thanks for the reply,
just wanted a little clarity in terms of analysis. An Organization has multiple URL's hosted which clients access for payments, updations, purchases, etc. Wanted to know when clients access these URL's whose traffic is routed via WAF are https / encrypted connections. As per my understanding SSL offloading decrypts the traffic only after that it can analyse the packet contents , payloads etc. So if the SSL certificate expires which is required for ssl decryption and encyption at WAF level, can WAF still analyse the packets, payloads, cookies and its contents, even if the traffic is via HTTPS / TLS / SSL.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com