HTTPS true "End to End" encryption

Question

Hello!&nbsp;
I am searching for information/explanation in regards for true "End to End" encryption on a LTM Config.&nbsp;
We do have a dilemma with our auditors when the LTM is listening on port 443 but doesn't have the SSL Cert and the Pool of members assigned to the VIP does have it.&nbsp;
They say that "between the user and the LTM the information is not encrypted."&nbsp;
Any light for this "urban legend"?&nbsp;
Thank you&nbsp;
J&nbsp;

ekaleido · Answer

The auditors would be wrong. But if you want to use the cert on your LTM you will gain much more agility with regards to the traffic and what you can do to it with irules and such.&nbsp;
You will need to import your cert and key to the LTM (System-&gt;File Management-&gt;SSL Certificate List) and then create a client SSL profile (Local Traffic-&gt;Profiles-&gt;SSL-&gt;Client).&nbsp;

Forum Discussion

HTTPS true "End to End" encryption

1 Reply

Recent Discussions

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

What really breaks the "end-to-end nature of the Internet"

Automate Let's Encrypt Certificates on BIG-IP

Encrypting Cookies