Forum Discussion

Nimbostratus

Oct 18, 2016

HTTP Profile breaking HTTPS

I have a https_vs that does not offload the SSL. I also have two pools https_pool and https_training_pool. I have to have iRules to inspect the https address for "portal.newco.com" to go to the https...

application delivery

iRules

LTM

Hannes_Rapp_162
Oct 18, 2016
It's mandatory to offload SSL in BigIP to inspect the HTTP headers (Host, and others). There's no way around it. However, you can use serverssl profile in conjunction with clientssl to re-encrypt before the request gets forwarded to a pool member.

Vijay_E

Cirrus

Oct 18, 2016

You would have to set up SSL with HTTP profile. HTTP profile tends to check the contents of the packet and without SSL, it won't be able to inspect the contents of the encrypted packets.

In order to troubleshoot "Connection not secure", perform a curl to check and make sure that the domain that you are requesting and the certificate domain are the same.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

HTTP Profile breaking HTTPS

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

HTTP Profile breaks HTTPS Connections

APM SSO breaks RDP persistence

irule VS http profille

http profile breaks down my virtual server

HTTP Profile breaking HTTPS site

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS