Forum Discussion
NimbostratusSSL communication via 443 without any certificate
I got a set up here client - F5 - server. Client talks with F5 via https port 443. I cant see any client ssl profile in Virtual server. so my question is how SSL working here without any certificate installed in F5? if someone can elaborate with an example that would be great
Ryan_80361Cirrostratus
Your virtual server is configured for SSL passthrough. You're passing through the SSL connection to the pool members without terminating on your F5.
DevCentral has plenty of examples of SSL passthrough/bridging/offloading.
m1978_295079My scenerio actually not pass through, rather ssl offload, client to F5 is https port 443, and from F5 to server is http. My question is there any default certificate is being used during communication between F5 and client ?
RyannnnnnnnnAltocumulus
Your virtual server is configured for SSL passthrough. You're passing through the SSL connection to the pool members without terminating on your F5.
DevCentral has plenty of examples of SSL passthrough/bridging/offloading.
- m1978_295079
My scenerio actually not pass through, rather ssl offload, client to F5 is https port 443, and from F5 to server is http. My question is there any default certificate is being used during communication between F5 and client ?
- MvdG
Cirrus
Don't you see a client SSL profile or don't you see the option to configure a client SSL profile? Check your virtual server type. Maybe it is a Performance Layer 4 virtual server.
dragonflymrHi,
To do SSL Offload on F5 you need at least:
Standard type VS Clientssl profile assigned to VS
I any above condition is not meet there is no SSL Offload performed by VS, and if client can establish SSL session then you have SSL Passtrough as already mentioned - client is talking directly with pool members.
You can easily check it doing tcpdump on BIG-IP external and internal VLANs.
Piotr
