F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

dragonflymr's avatar
dragonflymr
Icon for Cirrostratus rankCirrostratus
Jan 26, 2016

http and https members in one pool

Hi,   I wonder if there is a way to set pool so it has one member using http and another https. I am pretty sure it's not possible via VS settings as ServerSSL is global for VS - so either traffic...
devops
http
https
iRules
LTM
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Jan 26, 2016

Hi Piotr,

although LTM Policies do have a support for enable/disable Server SSL Profiles, I do strongly believe that LTM Policies can't be used for this specific scenario. In addition to that, do I believe that LTM Policies in its current implementation are performance wise rather suboptimal to control Server SSL Profiles. The reasons for that are...

  1. LTM Policies are proccessed before the actual LB selection is completed. So you wont get the chance to grap the port number of the selected pool to selectivly disable/enable the Server SSL Profile.

  2. LTM Policies would reenable/redisable the SSL Profile on each single request, where iRule can be adjusted to use ideally the 

    SERVER_CONNECTED
    event, to perform the required action only once during server side connection establishment (aka. OneConnect anyone?)

Cheers, Kai