Forum Discussion

sgnormo's avatar
sgnormo
Icon for Cirrus rankCirrus
Nov 25, 2022
Solved

C3D and header insert

Have a F5 that is a WAF so is performing the break and inspect on user web traffic sending through the ASM module.  Since the customers backend requires a user certificate I explained to the user the...
  • Kevin_Stewart's avatar
    Kevin_Stewart
    Nov 28, 2022

    If I may add, 

    Proxy SSL would only be useful if a) you could guarantee only (legacy) RSA TLS handshakes, and b) you had a copy of the backend server's private keys. Proxy SSL can only be used with RSA handshakes, so would never work with most modern crypto, including TLS1.3.

    Nikoolayy1 has the right answer. Because C3D is actively decrypting the traffic in the proxy, you can add an HTTP profile and use HTTP iRules here to inject HTTP headers.