Serving Port 80 and 443 for a web application

Question

We have a web server which has historically only run on port 443.  In order to use ACME for automated cert issuance, I have to allow port 80 through to the web server.  I've configured the web server to listen on 80, allowed the port in local firewall and perimeter firewall, and created a virtual server at the F5 pointing to the same internal IP as the functional 443 application.&nbsp;
When I attempt to access it over the internet, I get a generic timeout error.&nbsp;
I suspect the issue has to do with our APM and the establishment of SSL, but I don't know how to get around that.  What is the correct way to set up a virtual server and APM policy to handle both 80 and 443 to the same machine?&nbsp;

kevin_stewart · Answer

There's a Secure setting in the Cookie Options of the APM profile - SSO/Auth Domains tab. This option, when enabled (by default) instructs the browser to only use the APM session cookie over HTTPS connections.&nbsp;
I might caution that if a single access session is to be used across 80 and 443 connections, there's a risk of compromising the HTTPS session if the cookie is stolen. It may be better to isolate the 80 and 443 traffic into separate policies.&nbsp;

Forum Discussion

Serving Port 80 and 443 for a web application

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Introducing the F5 Application Study Tool (AST)

Free Passes to AppWorld 2025 – First Come, First Served!

iRule to serve security.txt file - RFC 9116

System Prerequisites for Deploying the Application Study Tool

Serving or browsing iFiles

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS