Thursday 19 September 2019

What is SSL Bridging in F5 LTM?

SSL Bridging

--> Client SSL Profile only encrypts the traffic between Client and F5 LTM.

--> It does not encrypt the traffic between F5 LTM and Real Server.

--> But if there is a requirement that the traffic between LTM and the real server also need to be encrypted then in that case we use SSL Bridging.

--> SSL Bridging or SSL Termination allows the traffic between LTM and Real Server to be encrypted before sending.

--> In order to enable SSL Bridging, we need to create SSL Server Profile and assign it to the Virtual Server in addition to Client SSL Profile.
--> Once you apply Client SSL and Server SSL Profile to the Virtual Server, F5 LTM Creates two encrypted sessions:

i) Encrypted Session between Client and F5 LTM. ( Client SSL Profile)

ii) Encrypted Session between F5 LTM and Real Servers ( Server SSL Profile)

--> We can use different Certificates for different Sessions in F5 LTM.

--> For example, We can use SSL Certificate with higher key length on Client SSL Profile and SSL Certificate with lower key length on Server SSL Profile.

--> SSL Bridging Concept needs to be applied on Correct Pool on F5 LTM. ( Only For pool with HTTPS traffic)

Ref:--F5.com

No comments:

Post a Comment

iRule

  iRule: -- o iRule is a powerful and flexible feature within the BIG-IP local traffic management (LTM). o IRule is a powerful & flexibl...