Forum Discussion

Nimbostratus

Jun 01, 2009

iRule SSL passthrough

Hi I would like incoming SSL connection to terminate on the webserver, instead of the LTM. I have the below irule: when HTTP_REQUEST { SSL::disabl...

Cirrostratus

Jun 15, 2009

Hi Jan,

If you want to pass the SSL through, then you can configure a standard TCP virtual server without an HTTP profile. Typically, the virtual server and the pool member(s) should be configured on port 443.

If you want to decrypt the SSL, you need to import the cert and key, create a custom client SSL profile and add it to a standard TCP virtual server. Typically, the virtual server should be configured on port 443 and the pool member(s) should be configured on port 80.

If you try one of these options and it doesn't work, try posting your virtual server and profile configuration using 'b virtual VIRTUAL_NAME list' and 'b profile clientssl CLIENTSSL_PROFILE_NAME list'.

Aaron

Forum Discussion

iRule SSL passthrough

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

SSL passthrough VIP - mitigating birthday attack

SSL Passthrough, SSL Offloading and SSL Bridging

SSL Proxy

SSL Proxy/Passthrough Difficulties

SSL Passthrough on port