Forum Discussion

Nimbostratus

Sep 27, 2018

HTTP or HTTPs on backend servers if SSL Offloading is used

Hi All, Please consider below line diagram as per my setup. Client ===HTTPS===LTM===HTTP===Web SERVERs or DB servers The server team can enable either HTTP or HTTPs on the backend serv...

application delivery

LTM

Kevin_Stewart

Employee

Sep 27, 2018

SSL bridging means that you terminate client side TLS on the BIG-IP, and then re-encrypt to the server. This requires client and server SSL profiles. The client SSL profile should of course have your client-facing server certificate and private key, and have proper cipher support. The server side, because the internal TLS connection isn't validated by default, can be very simple. In fact you can usually get away with using the built-in "serverssl" profile on the LTM VIP.

So then, yes, the Tomcat server is listening on HTTPS, the BIG-IP VIP is listening on HTTPS, but traffic is decrypted on the BIG-IP.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

HTTP or HTTPs on backend servers if SSL Offloading is used

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

SSL Offloading and Backend pool https

DNS load balancing to backend servers using GTM/LTM.

Backend server IP not visible in TCP dump

F5 MCP(Model Context Protocol) Server

FTPS Offload via iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS