SSL Cert Issue
In process of migrating applications from cisco ACE to F5 LTM. We are running into an issue with an application with ssl offload .
on cisco ACE we have client ssl initiation and server ssl termination defined. When I set the same on F5 . CLient is not able to access the application . So removed the ssl profile and with basic setup i.e source persistence, TCP protocol ,SNAT . CLient is able to access the application through a dedicated software but the GUI access is not working .
attaching cisco ACE ssl config . please assist me with f5 LTM setup.
policy-map type loadbalance first-match QA__POLICY class class-default sticky-serverfarm QA_STICKY ssl-proxy client QA_SERVER
ssl-proxy service QA_SERVER ssl advanced-options PARAMMAP_SSL_INITIATION
parameter-map type ssl PARAMMAP_SSL_INITIATION cipher RSA_WITH_RC4_128_MD5 cipher RSA_WITH_RC4_128_SHA cipher RSA_EXPORT_WITH_RC4_40_MD5 cipher RSA_EXPORT_WITH_DES40_CBC_SHA
parameter-map type ssl QA_SSL_TERMINATION cipher RSA_WITH_RC4_128_MD5 cipher RSA_WITH_3DES_EDE_CBC_SHA cipher RSA_WITH_AES_128_CBC_SHA priority 2 cipher RSA_WITH_AES_256_CBC_SHA priority 3
ssl-proxy service QA_SSL_SERVER key qakey.key cert qacert.pem ssl advanced-options QA_SSL_TERMINATION
policy-map multi-match POLICY class QA_CLASS loadbalance vip inservice loadbalance policy QA_POLICY loadbalance vip icmp-reply active nat dynamic 12 vlan 20 ssl-proxy server QA_SSL_SERVER