suraj11
Nov 22, 2023Nimbostratus
BIG ASM - WAF for https applications
WAF SSL Offloading, https traffic
As per most of the tutrorials and vidoes for utilizing the WAF feature URL is onboarded in a virutal server and http option is selected. Wanted to know can WAF inspect https traffic without implementation of SSL offloading in Big IP / ASM WAF. If the installed SSL cleint / certificates are expired are warning or error popped to notify expiration of certificates, furter can WAF still analyse https / encrypted traffic even if the onboarded SSL certificates have expired. Is there any other way the BIG IP ASM WAF can inspect https traffic after https url is onboarded since most of the websites and applicaitons now mandate https.