Encryption SSL configs

Question

Hi Guys,&nbsp;
Is it possible that the communication will still be secured if I remove the SSL client profile? &nbsp;

ianb · Answer

Yes, you could have a virtual server listening with no clientssl profile, and it will just be passing anything that it receives from the client through to the pool member, so the pool member could certainly negotiate SSL with the client without the LTM being involved in the SSL at all.&nbsp;
The advantage of using a clientssl profile is that you can offload the cpu intensive work of encrypting the data to the hardware available in the BigIP, reducing the CPU load of your pool members&nbsp;

Forum Discussion

Encryption SSL configs

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Enabling AVR and creating Profiles

Get associated pool name from VIP IP using F5-LTM

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

Related Content

SSL Full Proxy - SSL Re-Encryption performance degradation

virtual server config

Lock and Key - Encrypting EBS Disk Volumes for BIG-IP AWS Deployments

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

SSL protocol mismatch