why do we attached http profile to SSL vip?
why do we attached http profile to vip on port 443?
My understanding that it is required for LB to understand web traffic after LB decrypt it..
Let me know your views..
Also..if there is redirect configured as below on vips : -
vip port80 (redirect to 443vip)----443 vip
if we remove ssl cert from 443 vip do we need to remove http profile from 443 vip?
HTTP profile is essentially a buffer+parser which checks whether the request format complies with the standard. When used, it opens up new possibilities for request/response adaption and payload modifications. It has some unintended benefits from the security standpoint too, for instance, it protects your web-servers from Slowloris attacks. So I would use it even when it's not a pre-requisite for your iRules or LTM policies.