Forum Discussion
soamonkey_83593
Nimbostratus
NimbostratusSSL Re-Encryption
I'm sure this has been asked and answered before but the only things I found when searching were pretty old. So my apologies.
I need to configure a pool with servers that require SSL connections. From what I have found this is called re-encryption.
HTTPS Client --> SSL F5 --> SSL server
Is there any current tutorial or explanation on how to do this? The F5 I am working with is running 9.3.1
Thanks
2 Replies
BT_90520You may want to check out
http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_http_ssl.html
Before you can load balance HTTPS traffic, you must create one or more SSL keys and certificates to install onto the BIG-IP system. With SSL keys and certificates, and a custom Client SSL and optional Server SSL profile that you create, the BIG-IP system can perform the SSL handshaking normally performed by a target web server.- BT_90520But note that the above applies to BIG-IP LTM 10.2.3, 10.2.2, 10.2.1, 10.2.0.
Since you are using a older version, there may be some UI changes and extra steps to be done. E.g. BIG-IP uses certificates and keys in the PEM format. In versions prior to version 10.1.0, all certificates and keys must be converted prior to importing. Below are further information.
Overview of the Client SSL profile
http://support.f5.com/kb/en-us/solutions/public/10000/100/sol10167.html
Overview of the Server SSL profile
http://support.f5.com/kb/en-us/solutions/public/11000/200/sol11220.html
Managing SSL Traffic
http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_configuration_guide_10_0_0/ltm_ssl_profiles.html
