Forum Discussion
skethi_183651
Jan 21, 2015 (Nimbostratus)
How to Use Web Server for SSL instead of F5 via F5
Hello,
I am trying to use the certs that are installed on the web server instead of the certs on the F5. How can I achieve it?
skethi_183651
Jan 22, 2015 (Nimbostratus)
I have also read something about Proxy SSL on the server profile and client profile. Will this work for my issue?
- Brad_Parker, Jan 22, 2015 (Cirrus): As shaggy said, if you are using any Layer 7 events including HTTP, which require an HTTP profile, that means you will require a client SSL profile. I don't think you can control the Layer 7 packet flow in proxy mode; I believe that is more for inspection for logging. If you are currently doing SSL offload, there's no problem with re-encrypting with a server SSL profile to still have an SSL handshake with the backend server.
- skethi_183651, Jan 22, 2015 (Nimbostratus): Thank you Brad and Shaggy, I understood what you are saying now. But how can I create an iRule without HTTP events/functions? Below is my current iRule, which I use to redirect traffic to different pools; that is, traffic redirect on the ports is key based on the URL. How can I achieve the same functionality without using the HTTP events/functions? What are the alternatives to the events/functions below?

      when HTTP_REQUEST {
          # Requests for abc.com are redirected to 123.com, keeping the original URI
          if { [string tolower [HTTP::host]] equals "abc.com" } {
              HTTP::redirect "http://123.com/homepage[HTTP::uri]"
          } elseif { [string tolower [HTTP::host]] equals "123.com" } {
              # Requests for 123.com go to a dedicated pool, without persistence
              pool QA-WEB-444_Pool
              persist none
          } else {
              # Any other host uses the virtual server's default pool
              persist none
          }
      }
- Brad_Parker, Jan 22, 2015 (Cirrus): I may have misspoken about not being able to use the SSL proxy feature, though I have never actually tried it myself. Give it a whirl in a pre-prod environment and see if your iRule still works. Make sure, however, that your clientSSL profile only includes ciphers that your backend server can negotiate. I do know that they have to be compatible to work. https://support.f5.com/kb/en-us/solutions/public/13000/300/sol13385.html & https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-3-0/14.html should get you started.
- skethi_183651, Jan 22, 2015 (Nimbostratus): Brad, I did try the SSL Proxy feature and I was not successful, but once I removed the iRules and the HTTP profile I was able to use the web server certs. The only thing is all the traffic is directed to the default pool of the virtual server. I am trying to route the traffic based on the URI.