GLM_191985
Cirrus
CirrusSSL Offloading
So basically when SSL get offloaded , it is in a plain text and it has to be forward to any port which understand plain text so when it's again 443 on server. Does it understand traffic ??
Forum Discussion
5 Replies
Dylan_375544Cirrocumulus
When SSL is offloaded to the BIG-IP, the traffic must be sent to a port that is listening for and expecting NON encrypted traffic (port 80). If you send it to a back-end server that is expecting 443, or encrypted traffic, it will not understand it.
HERE is some good info on that topic!
Hope that helps! If it does please up-vote and select this answer, it'd be greatly appreciated!
-Dylan
Michael_Saleem1SSL Termination Mode Description SSL Profiles
SSL Offload The SSL certificate is terminated on the virtual server only. The BIG-IP receives the encrypted traffic, decrypts it and forwards it plain text to the backend servers This reduces processing burden on the backend servers and therefore increases performance CLIENT-SSL PROFILE
SSL Bridging The SSL certificate is terminated on *BOTH* the virtual server and backend servers. This is referred to end-to-end encryption. The BIG-IP receives encrypted traffic, decrypts and re-encrypts it on the backend, forwarding it encrypted to the backend servers CLIENT-SSL PROFILE & SERVER-SSL PROFILE
SSL Pass Through The SSL certificate is terminated on the backend servers only. The BIG-IP simply forwards the SSL encrypted traffic to the backend servers NO SSL PROFILE
- Dylan_375544
That's a good chart!
GLM_191985HERE is some good info on that topic!
I don't get what you want to share on this link?
I believe it doesn't matter on backend server , what port it listen on.. Any link with example?