Old web application support through F5 LTM

Question

We have an old application, that uses HTTP (port 80) to make requests to a web service over the internet. We want these calls to use HTTPS (port 443). The web service endpoint only supports TLS 1.2 while the old application cannot support anything newer than TLS 1. So I am checking to see if we can make the call from the old application to the internal F5(LTM) then to the web service in order to support the encrypted traffic.  This way the F5 can manage the TLS1.2 termination. is this possible?

As is:
Old app (HTTP) ----&gt; Fire Wall ----&gt; web service
Proposed:
Old app (HTTPs/TLS 1) ----&gt; internal F5 (HTTPs/TLS 1.2)  ----&gt; Fire Wall ----&gt; web Service

harshapotharaju · Answer

Yes. Create https vip and assign http pool to it. For ssl profiles, client ssl is enough. Should not assign server ssl profile to the vip.&nbsp;
Webservice - Firewall - F5 https tls1.2 - app http tls1.0&nbsp;
Let me know what you got after this. We may have to modify ciphers also.&nbsp;

Forum Discussion

Old web application support through F5 LTM

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Application Programming Interface (API) Authentication types simplified

Enhanced Modern Applications and MicroServices SSO with NGINX

TMOS v17 support policy

Secure Modern Applications and MicroServices SSO with NGINX

f5 iHealth and Support