Forum Discussion
meena_60183
Nimbostratus
NimbostratusSSL offload, ASM and server SSL
Hi All,
I have a web application that is configured on the LTM and SSL termination is done on the F5 with a valid cert and encrypted again with a self-signed cert on the backend to make the traffic encrypted end to end.
Now, I have a requirement to turn on ASM. ASM and LTM are on the same box and running 9.4.6 code.
Is it possible to do SSL offload, do ASM piece, encrypt again before sending it to the server?
I am only familiar with the LTM and I need to figure out how to integrate this with the ASM now?
I would appreciate any pointers.
Meena
3 Replies
- Hey Meena,
This is certainly possible, so long as the LTM is decrypting the traffic from the client. In fact, with the ASM as a module on the same device, this shouldn't require that different a configuration at all. With your client and server SSL profiles configured just as they would normally be, you can simply configure your HTTP Class with ASM enabled, assign it to the virtual server (along with an HTTP profile if one was not already present), and you should be set to go.
Cheers!
// Ben 
meena_60183Thank you Ben!
I added it and still trying to figure out exactly what needs to be done.
I am reading about it now.
Meena
Smithy_8719Meena,
I'm doing exactly that now. Just make sure you have applied a http profile. With clientssl and serverssl on the virtual server.
Smithy
