Forum Discussion
T_Rajneesh
Jun 19, 2019Nimbostratus
SSL issue "Server throwing SSL exceptions"
Hi, We have a setup where a request comes from Imperva to F5 will come as https but when sending request downstream to pool F5-> WCS, we are getting error. Possible the request needs to be modified...
- Jun 21, 2019
Perfect!
Please, don't forget to score my answer (or marking as "the best") if it was helpful for you ;-)
T_Rajneesh
Nimbostratus
Hi Dario,
We have VIP with both Client & Server SSL offloading but here we have an I rule attached to this VIP, stating to send the request to other pool not associated to this VIP whose node/ server listening in port 3737
example
VIP Test..443
Pool abc.
Server 1 -443
Server 2-443
But irule attached in this VIP to sent traffic to
Pool xyx
Server 3-3737
Jun 20, 2019
You can have a VS with both SSL profiles (client & server) and desactivate one of them using an iRule (or even better a policy).
One example:
>> VS
ltm virtual VS-TEST_443 {
destination 10.1.1.1:https
ip-protocol tcp
mask 255.255.255.255
pool P-ABC_443
profiles {
clientssl {
context clientside
}
http { }
serverssl {
context serverside
}
tcp { }
}
source 0.0.0.0/0
source-address-translation {
type automap
}
translate-address enabled
translate-port enabled
}
>> RULE
when HTTP_REQUEST {
if { [HTTP::host] equals "url.com"}{
SSL::disable serverside
pool P-XYZ_3737
}
}
IMPORTANT: the communication to the backend P-XYZ_3737 should have to be using HTTP (not HTTPS), to avoid errors.
KR,
Dario.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects