What I should use HTTP or HTTPS in policies?

Question

hello,&nbsp;
&nbsp;I just start working with ASM and there is some details confusing me I hope you help me with that.&nbsp;
&nbsp;In Application-Ready Security Policies there is two type of template HTTP and HTTPS.&nbsp;
&nbsp;What is the different between these policies?&nbsp;
&nbsp;If I was using https and decrypt the data in LTM then sent to ASM decrypted in this case, what I should use
&nbsp;HTTP or HTTPS?&nbsp;
&nbsp;Thank you in advance.&nbsp;

ido_breger_3805 · Answer

Hi, 
&nbsp; You should use HTTPS in this case. 
&nbsp; Cheers, 
&nbsp; Ido

hooleylist · Answer

As Ido says, you'll want to set the protocol to what the virtual server is using on the client side. 
&nbsp;  
&nbsp; Aaron

infosec_38553 · Answer

Thank you all,&nbsp;&nbsp;
&nbsp;I just need more details.&nbsp;
&nbsp;I decided to build the policy in manual (from scratch) and my web site using HTTP and HTTPS together.&nbsp;
&nbsp;Do I need the protocol only when I set the URLs in my policy or I should have two versions one for HTTP and the other for HTTPS?&nbsp;
&nbsp;I think one version is Enough, but to make sure.&nbsp;

Forum Discussion

What I should use HTTP or HTTPS in policies?

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

LTM Policy Recipes II

ASM Policy Report

Simple HTTP Authentication server

Disabling HTTP Processing For Unrecognized HTTP Methods

HTTP Forward Proxy (implemented with http-explicit HTTP Profile) filtering iRule - v1.0

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS