VS on https with offloading and pool on different port non ssl

Question

We have a server which we configured in a pool and the server listens on port 7003, un-encrypted. We access the real server with the URL as http://:7003/ &nbsp;
We need to configure a virtual server with ssl offloading on it so our requirement is to access the virtual server on url, https://. &nbsp;
We have been able to achieve this by making is a performance-l4, fast-http. But we could only get to reach http:// by which we are unable to achieve ssl offloading. When we choose performance-l4 &amp; fast-http, we cannot get an option to configure the ssl certificate.&nbsp;

vijay_e · Answer

You need to be able to add "Client SSL Certificate" using the client-ssl profile for SSL offloading. I know it works well with Standard VS. &nbsp;

robert_luechte1 · Answer

Odaah is correct, you need to do this with a standard virtual server.  &nbsp;
If I understand you correctly, you are trying to do a port 443 to port 7003 conversion?  And the 7003 connection should be unencrypted, correct?&nbsp;
If this is the case, you will need to create a pool for your servers using port 7003.  Then you will create a virtual server using you VIP IP address.  This services will listen on port 443.  You'll need to assign it a HTTP profile, and then assign a client ssl profile with the certificate you want to use.  Make the pool you defined above your default pool.  Do not assign a server-side SSL profile.&nbsp;
This should get you the 443 to 7003 port conversion with no encryption on the server side.&nbsp;

robert_luechte2 · Answer

Odaah is correct, you need to do this with a standard virtual server.  &nbsp;
If I understand you correctly, you are trying to do a port 443 to port 7003 conversion?  And the 7003 connection should be unencrypted, correct?&nbsp;
If this is the case, you will need to create a pool for your servers using port 7003.  Then you will create a virtual server using you VIP IP address.  This services will listen on port 443.  You'll need to assign it a HTTP profile, and then assign a client ssl profile with the certificate you want to use.  Make the pool you defined above your default pool.  Do not assign a server-side SSL profile.&nbsp;
This should get you the 443 to 7003 port conversion with no encryption on the server side.&nbsp;

dotnwadm_174472 · Answer

Hi Robert,

Your understanding is correct. The steps mentioned by you have already been followed though without success.

dotnwadm_174472 · Answer

Hi Robert,

Your understanding is correct. The steps mentioned by you have already been followed though without success.

Forum Discussion

VS on https with offloading and pool on different port non ssl

9 Replies

Recent Discussions

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Related Content

SSL Offload with HTTP/2.0

HTTPS offload rewriting

Http monitor on different port

Copper SFP Differences

HTTP Multipart and Security Implications