LTM - offload and re-passthru problem "443 - decrypt - re-encrypt 443"

Question

I have a need to decrypt 443 and re-encrypt to the pool member port 443 ; because I will be apply a "Thin Client Persistence" iRule that will allow the connection to persist at a VIP and bounce the user back to the WIP to pick another Pool member(VIP).  But, because the stream is encrypted the LTM cannot manipulate the packets.&nbsp;
Current:
Client:443 -&gt; VIP passthrough -&gt; Pool Member:443&nbsp;
Decrypt Traffic and Re-encrypt to VIP member
Client:443 -&gt; VIP(decrypt)iRULE -&gt; SSL profile (encrypt)443 -&gt; Pool Member:443
-This does not work.  I also tried to apply a SSL cert with a valid CA cert, but no dice.&nbsp;

renato · Answer

Did you try to configure independent client and server ssl profiles for this virtual server? It should permit you to access and modify the request/response data.&nbsp;

Forum Discussion

LTM - offload and re-passthru problem "443 -> decrypt -> re-encrypt 443"

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Get associated pool name from VIP IP using F5-LTM

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

About custome Response Blocking Page

About IPI check ip list

Related Content

SSL Full Proxy - SSL Re-Encryption performance degradation

20 Lines or Less #44: Redirecting, Re-encrypting, and TCP fun

SSL Re-Encryption - No SSL traffic on server side

20 Lines or Less #59: SSL Re-encryption, Mobile Browsing, and iFiles

SSL decryption/re-encryption w/iRule feeding into HTTPS load balance