Forum Discussion

GLM_191985

Cirrus

Mar 01, 2019

SSL Offloading

So basically when SSL get offloaded , it is in a plain text and it has to be forward to any port which understand plain text so when it's again 443 on server. Does it understand traffic ??

application delivery

LTM

Dylan_375544

Cirrocumulus

When SSL is offloaded to the BIG-IP, the traffic must be sent to a port that is listening for and expecting NON encrypted traffic (port 80). If you send it to a back-end server that is expecting 443, or encrypted traffic, it will not understand it.

HERE is some good info on that topic!

Hope that helps! If it does please up-vote and select this answer, it'd be greatly appreciated!

-Dylan

Michael_Saleem1

Cirrus

Mar 01, 2019

SSL Termination Mode Description SSL Profiles

SSL Offload The SSL certificate is terminated on the virtual server only. The BIG-IP receives the encrypted traffic, decrypts it and forwards it plain text to the backend servers This reduces processing burden on the backend servers and therefore increases performance CLIENT-SSL PROFILE

SSL Bridging The SSL certificate is terminated on *BOTH* the virtual server and backend servers. This is referred to end-to-end encryption. The BIG-IP receives encrypted traffic, decrypts and re-encrypts it on the backend, forwarding it encrypted to the backend servers CLIENT-SSL PROFILE & SERVER-SSL PROFILE

SSL Pass Through The SSL certificate is terminated on the backend servers only. The BIG-IP simply forwards the SSL encrypted traffic to the backend servers NO SSL PROFILE

Forum Discussion

SSL Offloading

Recent Discussions

Find GSLB pool membership from vip IP

Pool Members communication with B-party via F5 VIP

Server 2 causing application slowness

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Related Content

SSL Offload with HTTP/2.0

SSL Offloading for specific IPs or range of IPs

F5 SSL Offload behind Nginx Reverse Proxy

F5 Synthesis: Hybrid SSL Offload

HTTPS offload rewriting