CirrusHello all,
Could you please help me to know how encryption/decryption works in a scenario wherein F5 acts as a client and it initiates a session to the web server in the external network which listens on port 443?
Regards,
Thiyagu
MVPhow exactly would F5 be the client?
it is in several ways, for a health monitor F5 is like a client.
for a virtual server the F5 is like a client towards the server pool.
in both cases you just use a server SSL profile to enable to the encryption.
or do you mean something different?
CirrusThanks Boneyard. I'm F5 will be a client and it initiated a session to an external URL for example https://google.com.
in this scenario I would like to know how the SSL handshake works.
Regards,
Thiyagu
MVPi really don't see the difference between any scenario here. it works like any SSL handshake between a client and a server.
if you do it from the BIG-IP via a pool or such then the server SSL profile determines the settings, but beyond that there isnt anything different then when you would do it with a browser yourself.
NimbostratusIf F5 is used as a proxy server, for sites like google.com, you will not be able to intercept the SSL as google will not allow the connection considering a "Man in the Middle" attack. You may have to enable SSL passthrough for the google session.