Forum Discussion
Altostratuswhy we need SSL Bridging ?
Hi F5 Experts ,
Why we need SSL Bridging ? Why we need to terminate SSL on Both Virtual Server and Backend Server ? What is the need of having 2 time ssl termination here - One in f5 and one in Web server?
The main concept of SSL offloading is to relieve a web server of the processing burden of decrypting and/or encrypting traffic sent via SSL , But using SSL Bridging we will again have processing burden of decrypting and/or encrypting traffic on web server .Instead we can have SSL-Pass through only !
Please let me know the reason behind using SSL Bridging .
Regards , SM
Dylan_375544Cirrocumulus
Some Companies require that traffic is encrypted EVERYWHERE on the network.
In order to appease them, AND still be able to view and modify traffic on the BIG-IP, it would need to be decrypted on the BIG-IP and then re-encrypted before being sent through the network to the back-end servers.
Hope that helps! If it does, please up-vote and select this answer! It would be greatly appreciated.
-Dylan
RicoCirrus
From an F5 perspective, it allows load balancing decisions to be made based on the encrypted data, traffic can be modified based on iRules, and, as Dylan stated above, security is very important to many major companies storing sensitive data. Plus, with the heavy reliance on cloud devices and external services, its quite possible to have to load balance to servers that require a public connection to get to. Unless you want to send plain text out to Amazon's cloud service, SSL bridging is your best bet.