Forum Discussion

Nimbostratus

Mar 16, 2010

SSL verification

We do SSL offloading on the LTM but some of our sites are built to detect if the connection is coming in encrypted or not. We would rather not re-encrypt it back to the server for several reasons. I...

config

design

Justinian_48178

Nimbostratus

Jun 07, 2010

Would you guys do this through a custom iRule or by custom http profile(s)? We currently inject FRONT-END-HTTPS: on for our secure sites, but we found out that if the client injects that header, we accept it and send them as if they are secure.

For the simple test we did we were able to get around that issue by creating a non-secure http profile that removed the header, and a secure http profile that added the header. We then built two virtual servers and applied the appropriate rule to each VS (port 80 and 443). Is this what everyone else is doing, or are you guys building a iRule to detect it being sent from the client before injecting it to the server?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL verification

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

About F5 idle timeout and keep-alive

Problem with sending BotDefense logs to remote server

OSPF traps on BIG-IP v14

[APM] - How to clear the cached certificate for specific url

Audit Logging on LTM and GTM

Related Content

SSL Bridging verification

Google Authenticator Token Verification iRule For APM

OS version verification

Configure NGINX microgateway for MTLS termination and client certificate hash verification

SSL Orchestrator Service Extensions: User Coaching

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS