Forum Discussion

Nimbostratus

Aug 15, 2014

Solved

SWG Evaluation

Hey There, We're evaluating the SWG module to see if it fits well in a consolidation piece we're looking to perform. So far the base configuration seems convoluted, when compared with other forw...

application delivery

BIG-IP Access Policy Manager (APM)

Yann_Desmarest_
Aug 19, 2014
In fact, you can do SSL interception with embedded certificates (ex: "default" for F5).

You have to make sure of two things : - the Certificate is trusted by users, - the certificate is able to sign child certificates (keyring).

Please find below two links : - generating certificates for SSL interception : http://communicationsfinance.com/wp-content/uploads/2013/04/SSL-Interception-on-Proxy-SG.pdf - Configuring SSL Forward Proxy on F5 : http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-5-1/16.htmlconceptid

Yann_Desmarest_

Nacreous

Aug 19, 2014

In fact, you can do SSL interception with embedded certificates (ex: "default" for F5).

You have to make sure of two things : - the Certificate is trusted by users, - the certificate is able to sign child certificates (keyring).

Please find below two links : - generating certificates for SSL interception : http://communicationsfinance.com/wp-content/uploads/2013/04/SSL-Interception-on-Proxy-SG.pdf - Configuring SSL Forward Proxy on F5 : http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-5-1/16.htmlconceptid