Forum Discussion

Prasath_Varatha's avatar
Prasath_Varatha
Icon for Nimbostratus rankNimbostratus
Mar 01, 2016

Passphrase for cookie encryption profile

Is it mandatory to enable and provide "Cookie Encryption Passphrase" while creating a http profile for cookie encryption.

 

At present I have created a http profile with no passphrase and the cookie is not encrypted. Is it possible that F5 uses any default passphrase if we do not check the Cookie Encryption Passphrase box .

 

application delivery
LTM
  • BinaryCanary_19's avatar
    BinaryCanary_19
    Mar 01, 2016

    If you want cookie encryption, then yes. A passphrase is mandatory, as well as the names of the cookies you want encrypted.

     

    No, cookies are not encrypted by default.

     

  • BinaryCanary_19's avatar
    BinaryCanary_19
    Historic F5 Account
    Mar 01, 2016

    If you want cookie encryption, then yes. A passphrase is mandatory, as well as the names of the cookies you want encrypted.

     

    No, cookies are not encrypted by default.

     

    • Prasath_Varatha's avatar
      Prasath_Varatha
      Icon for Nimbostratus rankNimbostratus
      Mar 01, 2016
      Thanks for your reply. Can I know why a passpharse is required to encrypt cookie, how it works ? if you give/suggest a link learn them it would be helpful. Thanks again.