Forum Discussion
Gus_Thompson_11
Oct 29, 2007Nimbostratus
Hey guys,
The way we are set up is that web servers talk to the Big-IP during a HTTPS session using HTTPS. The Big-IP's have the certs and keys loaded, including the pass phrase. The clients don't talk to the web servers directly, but go through the Big-IP. I'm assuming that the web server establishes a HTTPS session with the Big-IP, then the Big-IP rewrites the session and presents it to the client. At least that was our intention to keep our HTTPS sessions encrypted when talking to the Big-IP's so that plain text transactions could not be captured.
Let me know if that answers your question.
Thanks for your help,
Gus