HTTPS true "End to End" encryption

Question

Hello!&nbsp;
I am searching for information/explanation in regards for true "End to End" encryption on a LTM Config.&nbsp;
We do have a dilemma with our auditors when the LTM is listening on port 443 but doesn't have the SSL Cert and the Pool of members assigned to the VIP does have it.&nbsp;
They say that "between the user and the LTM the information is not encrypted."&nbsp;
Any light for this "urban legend"?&nbsp;
Thank you&nbsp;
J&nbsp;

ekaleido · Answer

The auditors would be wrong. But if you want to use the cert on your LTM you will gain much more agility with regards to the traffic and what you can do to it with irules and such.&nbsp;
You will need to import your cert and key to the LTM (System-&gt;File Management-&gt;SSL Certificate List) and then create a client SSL profile (Local Traffic-&gt;Profiles-&gt;SSL-&gt;Client).&nbsp;

Forum Discussion

HTTPS true "End to End" encryption

1 Reply

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How APM GET IOS UUID & Andriod MAC

Expired client-certificate

F5 Big-IP Trust Internal CA Chain certificates for Web Servers

XC - geo LB to the origin servers

Floating Ip Problem

Related Content

Let's Encrypt

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

What really breaks the "end-to-end nature of the Internet"

Automate Let's Encrypt Certificates on BIG-IP

Load Balancing TCP TLS Encrypted Syslog Messages

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS