Forum Discussion
T_Rajneesh
Nimbostratus
NimbostratusSSL issue "Server throwing SSL exceptions"
Hi, We have a setup where a request comes from Imperva to F5 will come as https but when sending request downstream to pool F5-> WCS, we are getting error. Possible the request needs to be modified...
Perfect!
Please, don't forget to score my answer (or marking as "the best") if it was helpful for you ;-)
Hello.
When you have a configuration like this in your virtual server
Client SSL profile: yes
Server SSL profile: none
You are already sending traffic offloaded to the backend server.
KR,
Dario.
T_RajneeshHi Dario, We have VIP with both Client & Server SSL offloading but here we have an I rule attached to this VIP, stating to send the request to other pool not associated to this VIP whose node/ server listening in port 3737 example VIP Test..443 Pool abc. Server 1 -443 Server 2-443 But irule attached in this VIP to sent traffic to Pool xyx Server 3-3737You can have a VS with both SSL profiles (client & server) and desactivate one of them using an iRule (or even better a policy).
One example:
>> VS
ltm virtual VS-TEST_443 { destination 10.1.1.1:https ip-protocol tcp mask 255.255.255.255 pool P-ABC_443 profiles { clientssl { context clientside } http { } serverssl { context serverside } tcp { } } source 0.0.0.0/0 source-address-translation { type automap } translate-address enabled translate-port enabled }>> RULE
when HTTP_REQUEST { if { [HTTP::host] equals "url.com"}{ SSL::disable serverside pool P-XYZ_3737 } }IMPORTANT: the communication to the backend P-XYZ_3737 should have to be using HTTP (not HTTPS), to avoid errors.
KR,
Dario.
- T_Rajneesh
Hi Dario,
Thanks for you reply. I will apply it and update you status.
Regards,
Rajneesh
Perfect!
Please, don't forget to score my answer (or marking as "the best") if it was helpful for you ;-)