Forum Discussion

Nimbostratus

Nov 13, 2014

Persistence Cookie Encryption

I noticed after upgrading to 11.5 in the cookie persistence profile, there is now an option for: Cookie Encryption Use Policy Encryption Passphrase Has anyone used this? Does it just encry...

application delivery

BIG-IP Access Policy Manager (APM)

Employee

Mar 31, 2015

I was wondering for a while what could be the use case for "Preferred". Generally, we would use either clear or encrypted cookies, so why having a "Preferred" option? Well, that's an excellent choice for a smooth transition from unencrypted to encrypted cookies. With "Cookie Encryption Use Policy" set to "Preferred", the system will generate encrypted cookies while still accepting the unencrypted cookies sent in the requests from previous clients.

This "Preferred" option should be kept for the duration of the cookie previously configured in the Cookie Persistence Profile ("Expiration" field). After that, all previous cookies should have either expired or been replaced by an encrypted one. For a Session Cookie, use your own judgement, I guess.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Persistence Cookie Encryption

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Encrypting Cookies

Cookie Encryption

Decoding the IPv4 address from the persistence cookie

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS