Forum Discussion

Nimbostratus

Feb 20, 2019

F5 LB : Decryption and Re-Encryption of Traffic to Application Server

I want to understand how a F5 Load balancer decrypts the SSL traffic received from a client say a browser and then re-encrypts it before sending/forwarding the same to an Application Server in an ent...

Nimbostratus

Feb 20, 2019

There are multiple ways to do that on the Big-IP, but in most cases you probably want the valid certificate and its matching private key on the Big-IP, and then you can have a valid or self-signed certificate and its matching private key on the backend server.

Encryption between the client and the Big-IP will use the certificate hosted on the Big-IP, and encryption between the Big-IP and the backend server will be done using the certificate on the backend server. In this scenario the Big-IP acts both as a server and a client.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

F5 LB : Decryption and Re-Encryption of Traffic to Application Server

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

SSL decryption/re-encryption w/iRule feeding into HTTPS load balance

Enhance your Application Security using Client-side signals

AS3 referencing objects across applications

SSL Re-Encryption - No SSL traffic on server side

BIGIP OAUTH : Transmit "Application id" to backend server after a successful atuthentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS