For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
May 14, 2014

You can certainly do HTTP on the client side and HTTPS on the server side. You basically just apply a serverssl profile to the VIP. If the web server needs a client certificate, then you'll need to import a cert and private key and assign those to your serverssl profile.

 

The one significant caveat to this might be how the application functions. In a similar fashion to client side HTTPS and server side HTTP "reverse proxy" issues, if the server is unaware that it's behind a proxy, and uses absolute URLs to reference internal objects, then you may have issues when the HTML page renders but internal document objects (images, JavaScript, CSS, etc.) have https:// URLs. This isn't a given, and actually somewhat rare these days, but definitely something to look out for if you run into issues.