Forum Discussion

Nimbostratus

Nov 30, 2006

SSL enabling towards Internet

Hi, I want to know if its possible for the LTM to terminate HTTPS on the client side, redirect the unencrypted HTTP to a pool of HTTP proxies and re-enable SSL on the way out to the internet. ...

Nimbostratus

Nov 30, 2006

That's actually the default scenario. If you enable SSL on the client side, but then you simply configure the pool members to respond on whatever port they listen on (80, for example), it will decrypt the traffic and forward it unencrypted to the pool members. You would actually have to configure another SSL profile for the server side if you wanted it encrypted between the F5's and the pool members as well.

For the record, I use the same scenario, because the traffic passes through IDP's in the process, and I don't want it encrypted at that point.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL enabling towards Internet

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

Best practice for network communication with LDAP server

Mutual TSL Between Two BigIPs

Question regarding F5 Viprion Configuration Migration to VE.

Big-Ip Edge Client specials characters problems

Which encyrtion algorithm is used when making Kerberos ticket encyrtion.

Related Content

Action Items in OMB Memorandum M-22-09 “Moving the U.S. Government Toward Zero Trust...”

Protect an application exposed on Internet with F5 XC WAAP

enable WebSocket profile.

The sooner the better: Web App Scanning Without Internet Exposure

Enable SAML Service Provider on F5 Distributed Cloud Application

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS