Encrypt HTTP body?

Question

I know this sounds strange but is it possible to only encrypt only the body of an http packet with an iRule? The client at the far end is not a browser but a custom client.

brian_gupta_115 · Answer

I don't understand what you are trying to accomplish.&nbsp;
&nbsp;-Brian

doug_lohf_88372 · Answer

Yes, very strange...Today, the webserver will encrypt the data portion of a port 80 packet and a custom client will decrypt the data portion. Looking to offload the encryption from the webserver. The client can be changed to accommodate certain encryption schemes if necessary. The reason for port 80 is to bypass corporate firewalls...

unruley_95363 · Answer

Try something like this:
when HTTP_REQUEST {
    Don't allow data to be chunked
   if { [HTTP::version] eq "1.1" } {
      if { [HTTP::header is_keepalive] } {
         HTTP::header replace "Connection" "Keep-Alive"
      }
      HTTP::version "1.0"
   }
}
when HTTP_RESPONSE {
   if { [HTTP::header exists "Content-Length"] } {
      set content_length [HTTP::header "Content-Length"]
   } else {
      set content_length 4294967295
   }
   if { $content_length &gt; 0 } {
      HTTP::collect $content_length
   }
}
when HTTP_RESPONSE_DATA {
   set encrypted [b64encode [AES::encrypt "passphrase" [HTTP::payload]]]
   HTTP::payload replace 0 [HTTP::payload length] $encrypted
}

Forum Discussion

Encrypt HTTP body?

Recent Discussions

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

F5 LTM listening on 3306

SNI Sites not taking correct certificate.

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

irule to enable http/2 acceleration

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Load Balancing TCP TLS Encrypted Syslog Messages

Encrypting Cookies

Cookie Encryption

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS