SSL Offloading

Question

I've started performing ssl offloading for our most of our applications, but have hit a snag, not with the offload process but with our application, that I can't seem to figure out.  Our domain uses a CDN network to serve all images.  This CDN requires us to use different url's for depending on http or https.  Before the ssl offloading, the code was checking https in the ServerVariables.  This is not going to work if the F5 is performing the offloading as this will always be set to false.  I was thinking of creating a header variable and setting it to false under the http virtual server and setting it to true under the https virtual server.  My dev team can then determine if ssl is used based on this variable.  Does anybody think there is a better way?

hooleylist · Answer

That would be an effective way to differentiate between HTTP and HTTPS at the app layer when using SSL offloading.  You can insert a custom header on the HTTP profile  I'd suggest clearing the header prior to that with the header to remove option on the HTTP profile.  You can check the online help for HTTP profiles for details. 
&nbsp;  
&nbsp; Aaron

fotios_30046 · Answer

I created two custom headers, one that sets a variable to off and on, for http and https respecitivey.  Since I have a different VS for http and https, I was going to set the profile here and let it fly. 
&nbsp;  
&nbsp; Thoughts?

kirk_bauer_1018 · Answer

That would work!

Forum Discussion

SSL Offloading

3 Replies

Recent Discussions

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Related Content

SSL Offload with HTTP/2.0

SSL Offloading for specific IPs or range of IPs

F5 SSL Offload behind Nginx Reverse Proxy

F5 Synthesis: Hybrid SSL Offload

SSL Profiles