Forum Discussion

Nimbostratus

Jan 21, 2015

SSL cert in the F5 and in the respective web server

I would like to understand more about the different between putting the SSL cert in the F5 and in the individual wen server, i.e. apache ? What the pro and con ?

Nimbostratus

Jan 21, 2015

If you offload SSL to the F5 and do not re-encrypt send communicating with the web server it reduces the CPU load on the web server.

By ending the SSL tunnel on the F5 you have access to the data stream in case you need it for some reason. We need access to the data so we can make load balancing decisions and to maintain session persistence.

Now if you have to re-encrypt to communicate with the web server, then you are not reducing the overhead on the web server and unless you have to have the F5 examine the data steam you would just be adding overhead.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)