Forum Discussion

Zainal_Abidin_1's avatar
Zainal_Abidin_1
Icon for Nimbostratus rankNimbostratus
Jul 02, 2014

SSL make login slow

Hi,   We're apache web server to host my application. At front we have F5 LTM 1600. Last engineer who setting this SSL is redirect on F5. On apache web server i did not find any SSL cert. It's usin...
application delivery
LTM
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jul 02, 2014

We need to create new iRule. Can use like this:

The very basic expression for this would be:

 

{@http://@https://@}

 

Unless you need something more specific. Before you add this iRule though, I highly recommend you do the client side capture to determine if its actually needed (excessive HTTP-to-HTTPS redirects).

Also on on SSL_client properties in Ciphers we just use default. Can it be default or need to put any parameter?

The DEFAULT cipher profile is reasonably well tuned (and hardware accelerated). There's rarely a reason to vary from this setting.

Can we put this on Ciphers box?

Keep in mind that this is going, I assume, in the client SSL profile, which affects the SSL communications between the client and the VIP. If the clients are regular browsers, you shouldn't need to modify the DEFAULT cipher profile.