Forum Discussion
smedakkar_85975
Jan 08, 2013Nimbostratus
Initially I didn't have an iRule, which resulted in the client's browser not displaying the page returned from the server. So I thought I'd add an iRule into the mix just to see what what was going on. As you can see, the iRule simply logs when the client's request is decrypted and then logs again when the server's response is decrypted. This works fine and confirms that the client-side SSL is being terminated on the BIG-IP and then another server-side SSL is being established to the virtual server.
Without the client and server profiles defined, just as you said, I can get SSL passthrough working, but unfortunately that's not the configuration I need to implement. My requirement is to have the client SSL terminated on the BIG-IP and re-encrypted between it and the server. The server offers up a CA signed certificate, which I've used to configure a custom client side SSL profile with. And I've got a self signed certificate on the server SSL profile to use to re-encrypt the request on the server-side.
I though I could make it work using an iRule ... but as you can see - no :-( I'm sure I've missed something but I just can't see what it is.