Forum Discussion
LTM HTTPS and HTTP internal with policy and SSL server profile enabled
Dear All,
I am wondering if it is possible to combine HTTP and HTTPS traffic internally using only one virtual server, for example;
Virtual server App.domain.com:443 with a LTM policy enabled to forward traffic Internally forward app.domain.com/shop with HTTP to server 1 unencrypted Internally forward app.domain.com/products with HTTPS to server 2 encrypted
Reading the documentation about the SSL server profile enabled all traffic will be encrypted towards the internal servers.
It would be very convenient to add this feature within a LTM policy to be able to forward traffic using HTTPS and HTTP combined using one virtual server and one LTM policy. Is there a possible way to accomplish this in LTM?
- VernonWellsEmployee
Oh, and this could also be done using a Local Traffic Policy:
https://support.f5.com/kb/en-us/solutions/public/15000/000/sol15085.html
if you are using 11.4.0 or higher.
- EastCoast_16835AltostratusBecause of a bug it is not working in 11.4, minimum 11.5 is required.
- Vernon_97235Historic F5 Account
Oh, and this could also be done using a Local Traffic Policy:
https://support.f5.com/kb/en-us/solutions/public/15000/000/sol15085.html
if you are using 11.4.0 or higher.
- EastCoast_16835AltostratusBecause of a bug it is not working in 11.4, minimum 11.5 is required.
- VernonWellsEmployee
It can be done with an iRule, as described here:
https://devcentral.f5.com/wiki/iRules.SSL__disable.ashx
The rule would look like this:
when HTTP_REQUEST { switch -glob [HTTP::uri] { "/shop" - "/shop/*" { SSL::disable serverside } } }
This requires that the attached Virtual Server has a
clientssl, aserverssland anhttpprofile attached.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com