Forum Discussion

Kevin_Nail's avatar
Kevin_Nail
Icon for Nimbostratus rankNimbostratus
Dec 19, 2008

using XFF and https

Was wondering when using the X-Forwarded-For header on https if I need to terminate the entire SSL session on the LTM via a client-ssl profile or can I just use store a copy of the key decrypt the traffic?

 

 

Any thoughs are appreciated.

 

 

config
design
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Dec 19, 2008
    If you want to inspect or modify the HTTP headers or data, you'd need to decrypt the traffic on LTM using the SSL key configured in a client SSL profile. If the LTM to server connection needs to be encrypted, you could use a server SSL profile to re-encrypt the traffic.

     

     

    Aaron