HTTP/HTTPS pass through with no certificate

Question

Hi!&nbsp;
We're using a couple of Big-IP instances in AWS to perform HTTP redirection for some of our clients. Their only purpose is to redirect domain root visitors to the site's WWW record, which points to our HA pair in our data center where the web servers live.&nbsp;
We've been deploying SSL certificates to each of these redirecting Big-IPs since we need to be able to redirect on HTTPS. However, managing all of the certificates on multiple Big-IPs is getting out of hand.&nbsp;
I'd like to be able to set up the virt on the Big-IPs in AWS to use the HA pair as their source - as a sort of pass through. I've tried multiple options which seem to be correct, but it's not working correctly. I believe where we're getting hung up is with SNAT - the responses from the HA pair are going to the private IP address of the AWS Big-IP and not going back to their actual destination.&nbsp;
Does anybody have experience with this sort of setup? Essentially it's a WAN LB with SSL pass through.&nbsp;
Thanks!&nbsp;
Jesse&nbsp;

shirancohen_325 · Answer

Hi Jesse, 
Generally, you just need to setup VS Type "Performance (HTTP)" or "Standard" with no SSL Profile selected.
Specifically, i don't know about your setup.&nbsp;
Best Regards,&nbsp;

jesse_reinhart_ · Answer

Thanks, I'll give that a shot and let you know what the results are.&nbsp;

Forum Discussion

HTTP/HTTPS pass through with no certificate

2 Replies

Recent Discussions

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Related Content

iRule to take cookie from HTTP Response into HTTP Request via table

What is HTTP Part X - HTTP/2

Re: Management Certificate

Insert Client Certificate In Serverside HTTP Headers

Http server node receives partial http request big-ip load balancer