Forum Discussion
We don't actually log those keys to disk; we keep them in memory (protected) and process with the traffic mirrored to the device. Once done, we roll out keys from device memory. Deployment would be like the one described in the article https://devcentral.f5.com/s/articles/lightboard-lesson-perfect-forward-secrecy-inspection-visibility...
Deployment:
External Client ----> Big IP ------> Internal Servers
                      External Virtual Server
                              |
                              | TLS 1.3 keys (Sideband TCP)
                              v
                      BigIP Internal Virtual Server ---------> Pool (HTTP/HTTPS) ---> Pool Device (HTTP/HTTPS Internal Detection Device)
In this deployment, from External Virtual Server to Internal Virtual Server, the TLS 1.3 keys are shared via TCP sideband; this part is OK and I am able to see that data on the wire.
Now to share keys from Internal Virtual Server to the Pool and Pool device, how do we configure HTTP/HTTPS authentication?