Forum Discussion

SaiNetwork_1624's avatar
SaiNetwork_1624
Icon for Nimbostratus rankNimbostratus
Jun 20, 2017

Cookie Encryption through HTTP profile does effect for cookie disabled VIPs?

Hi , I have a request to enable cookie encryption on he entire LTM.   please let me know one thing.Does cookie persistence work only if I map cookie persistence profile to the VIP and then HTTP pr...
BIG-IP
LTM
security
Ryannnnnnnnn's avatar
Ryannnnnnnnn
Icon for Altocumulus rankAltocumulus
Jun 20, 2017

Heya,

 

I had a brain fade, Piotr is correct regarding http profile being required for cookie persistence.

 

If you are seeking to encrypt your persistent cookie, that can be configured from within the cookie persistence profile. If you wish to encrypt other cookies then you can specify those particular cookies in the HTTP profile.

 

  • SaiNetwork_1624's avatar
    SaiNetwork_1624
    Icon for Nimbostratus rankNimbostratus
    Jun 20, 2017

    hi Piotr,

     

    Thank you very much for your response..This clarified me .Please find the bottom line of the my query and let me know if I can do it.

     

    for suppose I enabled cookie encryption in the http_prod http profile.

     

    case 1: for VIP with only http_prod profile(no cookie profile) , this does nothing I didnt map any cookie persistence profile to it.no stickyness provided as there is no cookie persistence.

     

    case 2: for VIP with both http_prod and cookie profiles, as I enabled cookie encryption in the http profile, the LTM starts encrypting and decrypting the cookie between Client and itself and provide stickyness

     

    Please let me know the above cases are correct.

     

    Thanks again. Sai