Forum Discussion

Nimbostratus

Aug 31, 2009

SSL in backend servers does not support cookie persistence?

I have three IIS servers behind the F5. SSL function is not offloaded to F5. I have enabled certificates on the IIS servers to encrypt the connection. If I choose "none" for my http pr...

Employee

Aug 31, 2009

Cookie persistence requires an HTTP profile.

In fact, if you aren't terminating SSL on the BigIP, your persistence options become very limiting. You have source and destination address and SSL session ID. Destination doesn't really make sense unless combined with other values, and source address can change if clients (or your servers) are behind NATs. SSL session ID is also difficult to persist off of because browsers will renegotiate SSL at their will.

Kevin

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL in backend servers does not support cookie persistence?

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

F5 XC – Persistence and Resiliency pt. I (persistence)

SSL Offloading and Backend pool https

DNS load balancing to backend servers using GTM/LTM.

Overview of MITRE ATT&CK Tactic : TA0003 - Persistence

Backend server IP not visible in TCP dump

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS