Forum Discussion

Nimbostratus

Sep 07, 2011

F5 as a proxy to encapsulate every HTTP session into ssl

Hi, We have a specific architecture and we want to use the F5 as a proxy device, a specific proxy device... I explain : We have a lot of customers in Internet (several hundre...

config

design

George_Watkins_

Historic F5 Account

Sep 07, 2011

Hi Nicolas,

The problem that you are going to run into is hostname mismatches. Your clients will receive errors unless you have a wildcard certificate for a domain and all the SSL sessions will be within that domain. It isn't possible to select an SSL profile based on hostname as the SSL session is negotiated prior to any hostname exchanges. However this is different from your diagram. If you only want to encrypt traffic on the server-side that is a much easier (albeit uncommon) scenario. Hope this helps,

George

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

F5 as a proxy to encapsulate every HTTP session into ssl

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

Proxy Protocol v2 Initiator

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Intelligent Proxy Steering - Office365

SSL PROXY

Integrating SSL Orchestrator with CheckPoint Firewall VM-Explicit Proxy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS