Forum Discussion

Nimbostratus

Aug 14, 2012

SSL offload headers for ASM

Hi, Is there a way for an ASM box sitting behind an LTM box to know that SSL has been terminated on LTM? We add in similar headers for Weblogic which is behind ASM, but found that the allowe...

app sec

BIG-IP Access Policy Manager (APM)

security

Chris_Phillips

Nimbostratus

Aug 14, 2012

Ahh, so there's no header we could insert on the LTM's? Strange, I thought there would've been one. Given that we are ASMing some normal HTTP traffic as well as HTTPS, forcing a presumption on ASM doesn't seem appropriate, especiaily as we might be wanting to enable the internal parameters for secure cookies, as then we'd be setting secure on a non-secure cookie which sounds like a bad place to be!

Thanks guys, as always!

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL offload headers for ASM

Recent Discussions

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

dynamic signature detection

DNS HM Probe issue

F5 looses the token for the first call

Related Content

SSL Offloading for specific IPs or range of IPs

F5 Synthesis: Hybrid SSL Offload

AMQPs SSL offloading

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

C3D and header insert

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS