HTTP profiles are not compatible with virtual servers that perform HTTPS passthrough like LAYER 4 performance VIPs , since the HTTP profile cannot see any of the HTTP headers or content inside the SSL encrypted packets passing through the virtual server.
Moreover, applying an HTTP profile to an HTTPS passthrough virtual server can actually break the virtual servers functionality, or impact the performance of the application hosted by the virtual server.
To perform a data inspection for encrypted (HTTPS) traffic, you must associate the Secure Sockets Layer (SSL) profile to a standard virtual server so that it can decrypt and re-encrypt the traffic passing through the virtual server.
F5 recommends that you use the HTTPS profile with a standard virtual server instead of a Layer 4 virtual server
When you assign an HTTP profile to a Layer 4 virtual server, you can use this combination only to gather statistics on HTTP data, as well as with some iRule commands that perform HTTP data read-only operations.
The following list describes the limitations of the HTTP profile when you use it with the Layer 4 virtual server:
You cannot manipulate HTTP data, such as modifying the HTTP header.
You cannot associate the HTTP compression profile with the Layer 4 virtual server.
You cannot associate the Web Acceleration profile with the Layer 4 virtual server.
Any iRule commands that attempt to manipulate HTTP data will result in and error and a connection reset.
To trigger HTTP iRule events, the virtual server must access all packets in a connection.
If the FastL4 profile allows connections where the BIG-IP system does not access all packets (for example when theLoose Init orLoose Close options are enabled), then the HTTP profile may be ineffective.