For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Jeff_Unger_1067's avatar
Jeff_Unger_1067
Icon for Nimbostratus rankNimbostratus
Dec 22, 2005

HTTP -> HTTPS -> HTTP Cookie Persistence

I have a ticket open with F5 technical support, but thought I might post my issue here as well, just to see if anyone might have some insight. I am not sure if this needs to be handled by an iRule sp...
application delivery
dev
devops
iRules
Matt_Galvin_107's avatar
Matt_Galvin_107
Icon for Nimbostratus rankNimbostratus
Jan 09, 2006
Posted By unRuleY on 12/27/2005 6:15 PM

 

The only way to do this would be if the BIG-IP is handling the SSL termination.

 

 

Unfortunately, this is not possible for us (junger and I work together). Due to other security requirements, we must have SSL termination at the end server that handles the request. We cannot have unencrypted traffic between the LB and the processing server when the incoming client request is over SSL.

 

 

Is it not possible to have HTTP and HTTPS persistence if the BIG-IP is not the SSL terminator? We don't have to use cookie based persistence if one of the other methods will accomplish this.