SSL Full Proxy - SSL Re-Encryption performance degradation
Hi, We have traditionally been a shop that used SSL encryption to the F5 and decrypted text to webservers (https to F5 and http to webservers). We are being asked to encrypt the full route. We also use host headers for irule redirections in some cases and for persistence.
With this being said it seems like our only option is SSL decryption at the F5 and re-encryption back to the webservers.
with this extra encryption decryption, is there any performance degradation for sites that get high traffic? Any documentation on this specific issue?
thanks in advance.
Hello LanceLyons , Kai_Wilke provided a full list what can cause you such issues and if this helped please mark his reply as a solution. Outside of that if you are using a hardware device maybe see if hardware ssl ciphers are used for better performance as mentioned in https://support.f5.com/csp/article/K75983426 / https://support.f5.com/csp/article/K50459385 / https://support.f5.com/csp/article/K13213 and the /var/log/ltm if you are hitting some license limit for example.