SSL Offloading

Question

I've started performing ssl offloading for our most of our applications, but have hit a snag, not with the offload process but with our application, that I can't seem to figure out.  Our domain uses a CDN network to serve all images.  This CDN requires us to use different url's for depending on http or https.  Before the ssl offloading, the code was checking https in the ServerVariables.  This is not going to work if the F5 is performing the offloading as this will always be set to false.  I was thinking of creating a header variable and setting it to false under the http virtual server and setting it to true under the https virtual server.  My dev team can then determine if ssl is used based on this variable.  Does anybody think there is a better way?

hoolio · Answer

That would be an effective way to differentiate between HTTP and HTTPS at the app layer when using SSL offloading.  You can insert a custom header on the HTTP profile  I'd suggest clearing the header prior to that with the header to remove option on the HTTP profile.  You can check the online help for HTTP profiles for details. 
&nbsp;  
&nbsp; Aaron

fotios_30046 · Answer

I created two custom headers, one that sets a variable to off and on, for http and https respecitivey.  Since I have a different VS for http and https, I was going to set the profile here and let it fly. 
&nbsp;  
&nbsp; Thoughts?

kirk_bauer_1018 · Answer

That would work!

Forum Discussion

SSL Offloading

Recent Discussions

How to Renew F5 Device Certificate

UCS backup not loading Big IP DNS pool

XC Bot defense question

Big-IP not recognized by Big-IQ

Application only need to access from 2 uris

Related Content

SSL Offload with HTTP/2.0

F5 SSL Offload behind Nginx Reverse Proxy

F5 Synthesis: Hybrid SSL Offload

FTPS Offload via iRules

HTTPS offload rewriting

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS