F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

zebos_116800's avatar
zebos_116800
Icon for Nimbostratus rankNimbostratus
Jan 17, 2014

Can ASM analyze SSL traffic using the server's private key?

Hi all, I was wondering if F5's ASM can be deployed in such a way that it does not terminate SSL traffic but uses the server's private key to decrypt and sanitize the traffic and then encrypt it again to send it to the web server.

 

(Something like the first option in the first answer in this post)

 

deployment
design
security

3 Replies

  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    Jan 17, 2014

    I wonder if this feature would help you here Proxy SSL. It doesn't terminate the SSL connection but does allow ASM to inspect the traffic.

     

    Hope this helps,

     

    N

     

  • zebos_116800's avatar
    zebos_116800
    Icon for Nimbostratus rankNimbostratus
    Jan 17, 2014

    Interesting, it may be what I'm looking for, I'll take a look, thanks nathan!

     

  • Mike_Maher's avatar
    Mike_Maher
    Icon for Nimbostratus rankNimbostratus
    Jan 17, 2014

    I use the Proxy SSL feature in situations where I need a client certificate to pass down to the server. It is very easy to configure and works very well. SSL termination happens at the server and you still get ASM inspection. Basically you are just playing man in the middle.