Forum Discussion
Server-side SSL
We currently have this same setup where we are doing offloading on the LTM's, then from the LTM's to the web servers we are using the Server SSL functionality. The certs we are using on the Server SSL profile are the defaults. Everything works fine. Something that bothers me though is how this is actually working, for the Server SSL to work, the LTM is essentially acting as an SSL client to the server, correct? So how is the server decrypting the traffic from the LTM if it doesn't have the private key of default cert of the LTM?
Thank you
As F5 works as a full proxy device. Think it like this. When you try to launch a web page are you presenting any cert? No right. When the F5's front end ssl decrypts the traffic. F5 initiates an ssl handshake to the backend server where it gets the cert and public key from the backend server(treat f5 as your laptop here). Now f5 encrypts the traffic with public key offered and backend server decrypts with its private key.
Thank you.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com