In this episode of Whiteboard Wednesday, Jason continues the proxy discussion from last episode with a breakdown of the ProxySSL and SSL Forward Proxy solutions available on the BIG-IP.
Reso...
Complete SSL passthrough where you simply load balance is possible...unfortunately the proxySSL capability extendng to ECC and the likes is a limitation within the protocols. Alternative to simple load balancing for non RSA key exchange at this point is offload with client auth moved forward from the app to the BIG-IP.