Forum Discussion

Nimbostratus

Oct 10, 2011

Error sending traffic to the pool

Hi folks, I need to redirect traffic to different pools based on user uri WITHOUT CHANGING THE URL. So, if the user types www.domain.com or www.domain.com/start or /landing or /login, I shou...

Oct 12, 2011

So you are saying that if you connect directly to your secured web service (not through the BIG-IP), you have things working (after keystore configuration), but when you run it through the BIG-IP while your server is still setup as a secure web service and you don't have LTM doing SSL offload, it's not working on your client? If so, that doesn't make sense as if the LTM is not terminating the SSL, then the certificate passing should be identical. The packets to/from the web service from the client shouldn't be changed by the LTM (that is, unless it's terminating the SSL - ie. decrypting from the client and then re-encrypting to the backend server).

If all you care about is allowing the certs on your client app, the code I wrote for the iControl library for Java might help out. In it, I wrote a class called XTrustProvider that told the ssl client code to allow self-signed certificates. I blogged about it a few years back:

http://devcentral.f5.com/weblogs/joe/archive/2005/07/06/1345.aspx

Hope this helps...

-Joe

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)