Forum Discussion

Luca_55898's avatar
Luca_55898
Icon for Nimbostratus rankNimbostratus
Aug 26, 2012

Performance(HTTP) Profile - cookie persistence

Hi,

 

I have a customer who is doing their own SSL encryption on their servers. So on our LTM I enabled a Performance(HTTP) VS and also enabled cookie persistence.

 

When I checked my broswer (firefox) I noticed that I was not getting a cookie from the LTM. Cookies from the BIGIP device look like BIGipServervs-............. But when looking at the site behind this VS there are none.

 

Is this something to do with the site doing their own SSL?

 

 

3 Replies

  • Hi Luca,

     

     

    Can you list the virtual server configuration and reply with the anonymized output (tmsh list ltm virtual MY_VS)? Are

     

     

    For reference, here is the list of profiles that each virtual server type supports:

     

     

    sol12272: Overview of virtual server types for BIG-IP version 10.x

     

    https://support.f5.com/kb/en-us/solutions/public/12000/200/sol12272.html

     

     

    Aaron
  • Nate_7016's avatar
    Nate_7016
    Historic F5 Account
    In order to use cookie persistence the LTM has to decrypt the data so it would need the SSL key and cert. It could decrypt and re-encrypt and pass to the server if needed.

     

     

    The reason for this is that with SSL the data (HTML) is encrypted so it's not possible for the LTM to insert a cookie.
  • Nate_7016's avatar
    Nate_7016
    Historic F5 Account
    Let me clarify - the LTM can't insert a cookie into encrypted data. Therefore, without the key/cert cookie persistence will notwork with HTTPS.