Forum Discussion

Born_7758's avatar
Icon for Nimbostratus rankNimbostratus
Jun 21, 2011

SSL Offloading

Hello Everyone,



I am trying to put together an iRule that will terminate a client-to-F5 SSL session and establish an new SSL session for F5-to-server. I am pretty new at this, but here is an iRule I wrote that seems like it would do what I want it to do but I would like to get some input from you guys before I submit it.






SSL::disable clientside


SSL::enable serverside







Thanks in advance.




4 Replies

  • Hi Born,



    You don't need an iRule for this. Just add a client SSL and server SSL profile to the virtual server. You'll want to import the server SSL cert and key and create a custom client SSL profile to do this.



  • Oh okay.



    If I am given a *.p7b file and a .cer file, which one is used for which? Or are they both used to create the custom clientssl profile?
  • p7b should be a pkcs7 cert file. cer should be a DER cert and key file. To import the cert(s) and key, convert them to PEM format. You can use openssl on LTM to do this:






    x509 –in cert.der –inform DER –out cert.pem –outform PEM