Forum Discussion

Harold_Deadman_'s avatar
Harold_Deadman_
Icon for Nimbostratus rankNimbostratus
Sep 28, 2011

what is appropriate way to use SSL::disable serverside/ SSL::enable serverside

We have a requirement to encrypt server-side traffic between the F5 and our SSO web application (CAS) because passwords are transmitted. Our F5 VIP has several different applications behind it on seve...
application delivery
dev
devops
iRules
Harold_Deadman_'s avatar
Harold_Deadman_
Icon for Nimbostratus rankNimbostratus
Sep 28, 2011
That works much better. I am not sure why it wasn't working for me (performance-wise) when I was doing the SSL::disable in HTTP_REQUEST prior to the pool statement but this is cleaner because it doesn't clutter up the HTTP_REQUEST part of the i-rule (and performance seems to be good). Maybe the server_connected event is firing less often...

 

 

Unfortunately I had my i-rule in our development environment for a couple months and we noticed the slowness but we didn't figure out that it was i-rule until we made the change in production. Unfortunately that roll-out coincided with some ISP problems so we didn't immediately pin the problem on the i-rule change.

 

 

Thanks for your help.