Forum Discussion

Nimbostratus

Jun 18, 2014

HTTP Profile breaks HTTPS Connections

Hi, We want to setup SSL forwarding for our HTTPS virtual server. If I set a no HTTP profile and setup a bypass by selecting none for both client and server SSL the site works properly. If ...

Vincent_96223
Jun 18, 2014
If you are wanting F5 to do a passthru, where your actual servers will be doing the encryption and decryption, select Type = Performance (Layer 4) on your VIP. Now, if you want F5 to do the SSL handshake for you, you will have to create a client side SSL profile on F5, and import your certificate and key onto F5. F5 will represent your server for the SSL session, and you have the option of setting up your backend to either talk HTTP or HTTPS.

shaggy

Nimbostratus

Jun 18, 2014

Yes - you'll want a standard VS, client-SSL profile with app cert/key, server-SSL profile (if backend is also SSL - none if backend is HTTP), HTTP profile, and a cookie persistence profile.

Think of profiles as the F5 interacting with traffic at that 'level' - in order to do cookie persistence, the F5 needs to interact with HTTP (http-profile), in order to interact via HTTP, the F5 needs to decrypt the traffic (client-ssl) profile

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

HTTP Profile breaks HTTPS Connections

Recent Discussions

Management IP F5 cant be accessed

ASD

Big-IP VE edition for MacBook M4 Chip

301 redirect and waf policy log problem

Background Tasks

Related Content

Update your DevCentral user profile

DevCentral Connects hosts Capture the Flag!

SSL Profiles

DoS Profiles

Troubeshooting website connection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS