SSL offloading on a non-ssl VS

Question

I'd like to set up a virtual server which listens on non-ssl port but the pool members needs to be ssl.
Here's the flow,
F5 Virtual Server (80) -- Pool (443) and the response should be sent back to 80 to Virtual server.
How should I achieve this ? iRule or through SSL profiles ? enabling server ssl and client ssl to empty? will it do it ?&nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
The answer is in the question!!!&nbsp;
If the virtual server have a serverssl profile without clientssl, it will have the expected behavior!&nbsp;

kai_wilke · Answer

Hi Susheel,&nbsp;
LTM operates always in a full-proxy mode, where the client side connection and server side connection is completely separated.&nbsp;
You can configure the client side connection on whatever port you need (via VS setting) and with or without SSL encryption (via Client-side SSL Profile settings) and combine it with a server side connections on whatever port you need (via Pool Members) with or without SSL encryption (via Server-side SSL Profile). Sky is just the limit in this case...&nbsp;
You will only need to deploy an iRule/LTM Policy if your scenario requires to selectively switch between Server-Side-SSL or Server-Side-Plaintext on the same VS.&nbsp;
Cheers, Kai&nbsp;

Forum Discussion

SSL offloading on a non-ssl VS

2 Replies

Recent Discussions

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Rewrite uri translation not working

Related Content

SSL Offloading for specific IPs or range of IPs

have ssl and non ssl pools (or pool members) for a VS

Redirect Non-SSL Requests on SSL Virtual Server Rule

F5 SSL Offload behind Nginx Reverse Proxy

SSL protocol mismatch