HTTPS virtual server URL not working after attaching http profile

Hello,

When you set a HTTP profle with TLS/SSL (between client an backend trough F5) flow you have to process interception by setting client ssl and server ssl.

A virtual server with an associated HTTP profile processes connections using the BIG-IP system's full proxy architecture for the purpose of making requests on behalf of clients. In this mode, the BIG-IP system processes the three-way TCP handshake and initial data packet on the client-side connection before initiating the TCP handshake on the server-side connection; the client's data packet triggers the BIG-IP system to initiate the server-side connection.

So in this case F5 manage all your request as full proxy so if you set a HTTP profile without interception for ssl/tls flow it will not work as wanted...

https://support.f5.com/csp/article/K40243113

Let me now if it's clear...

Hi,

HTTPS means HTTP over SSL. In other words, HTTP communication is inside SSL encrypted tunnel.

If you don’t decrypt SSL tunnel, you won’t be able to read or write HTTP content.

Enabling HTTP profile means the protocol is HTTP, if it detect it’s not HTTP, the connection is rejected! HTTPS not decrypted by clientssl profile doesn’t match http protocol!

It looks like you had a "TCP pass-through" setup before, and now you want F5 to handle HTTP-specific functions. You need to follow an "SSL bridging" solution. Please see K12015: Configuration requirements for SSL virtual servers, profiles, pools, and monitors.