Forum Discussion

soamonkey_83593's avatar
soamonkey_83593
Icon for Nimbostratus rankNimbostratus
Oct 18, 2011

SSL Re-Encryption

I'm sure this has been asked and answered before but the only things I found when searching were pretty old. So my apologies.

 

 

I need to configure a pool with servers that require SSL connections. From what I have found this is called re-encryption.

 

 

 

HTTPS Client --> SSL F5 --> SSL server

 

 

 

Is there any current tutorial or explanation on how to do this? The F5 I am working with is running 9.3.1

 

 

 

Thanks

 

  • You may want to check out

     

     

    http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_implementation/sol_http_ssl.html

     

     

    Before you can load balance HTTPS traffic, you must create one or more SSL keys and certificates to install onto the BIG-IP system. With SSL keys and certificates, and a custom Client SSL and optional Server SSL profile that you create, the BIG-IP system can perform the SSL handshaking normally performed by a target web server.
  • But note that the above applies to BIG-IP LTM 10.2.3, 10.2.2, 10.2.1, 10.2.0.

     

    Since you are using a older version, there may be some UI changes and extra steps to be done. E.g. BIG-IP uses certificates and keys in the PEM format. In versions prior to version 10.1.0, all certificates and keys must be converted prior to importing. Below are further information.

     

     

    Overview of the Client SSL profile

     

    http://support.f5.com/kb/en-us/solutions/public/10000/100/sol10167.html

     

     

    Overview of the Server SSL profile

     

    http://support.f5.com/kb/en-us/solutions/public/11000/200/sol11220.html

     

     

    Managing SSL Traffic

     

    http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_configuration_guide_10_0_0/ltm_ssl_profiles.html