Forum Discussion
NimbostratusPreferred Cookie Encryption Policy Doesn't Work!!!
We need to encrypt the F5 BigIP cookie value. However, we have some integration will send out encode BigIP cookie value (not encrypted) to F5. We followed the instructions below. But we still cannot let F5 to locate to the right server using encode cookie value. https://support.f5.com/kb/en-us/solutions/public/k/23/sol23254150.html
For example, the original BigIP cookie is something like below: BIGipServerxxx.com_1080=rd13o00000000000000000000ffff0a12341fo1080
After enabled the cookie encryption, it becomes something like: BIGipServerxxx.com_1080=!uVEJkUKJD6dBRac7a9IoGymsGs7Gj6WAC1kK8Amxz3pGJGr/z7V7FEAJS4Cir04lI6T+h0V+LjUWLnSrFbYCZugeum2JeTOyBAgejyEtEhs=
If I send the request with BIGipServerxxx.com_1080=rd13o00000000000000000000ffff0a12341fo1080, F5 will be failed to locate to the right server. So, seems the F5 cannot recognize the encode value with the encryption enabled.
1 Reply
IanBEmployee
If I understand your question correctly, you're saying that if you send an unencrypted persistence cookie to the LTM when it is configured for cookie encryption on that virtual server, then it fails to recognise the cookie. If that's what you're saying, then that's working as designed.
An unencrypted cookie comes in, and it decrypts it by passing it through AES, and what comes out is not valid, so it is discarded.
Why would you be sending both encrypted and unencrypted cookies to the same virtual server ?
