Forum Discussion

Nimbostratus

Jul 27, 2015

HTTPS session not passing through F5.

We have HTTPS application using TCP 50001. Certificate is insatlled on the server, not on the F5. For unknown reason we are not able to pass the SSL sesion to the server. When I installed cert on the...

application delivery

LTM

Kevin_Stewart

Employee

Jul 28, 2015

If this is for browser-based communications, then generally speaking SSL persistence doesn't work (reliably). This persistence method uses the SSL session ID to control load balancing affinity, but that number will change whenever an SSL session is renegotiated, which happens quite often for browsers.

To summarize, in the absence of the ability to see inside SSL traffic, any load balancing product is generally limited to IP addresses to maintain affinity. There are some non-browser clients (of stateful protocols) that don't renegotiate their SSL sessions, where SSL persistence works, but guessing that's not what you need here.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)