Alex_McShane_23
Nov 09, 2017Nimbostratus
Authentication & Encryption between BIG-IP VS and application server
Hi -
I would be grateful for clarity with regard to the following.
I have a requirement to not only enable Authentication and Encryption between the User/Client and BIG-IP, but additionally, between the BIG-IP VS and the backend application servers.
With regard to Authentication / Encryption between BIG-IP and the application servers, my initial thoughts were that this simply entailed additionally defining a Server SSL Profile and populating the following options within the section "Server Authentication":-
- Server Certificate: require
- Authenticate Name: specify
- Trusted Certificate Authorities: specify
However, having read many articles, it is not clear to me as to whether this ONLY facilitates Authentication of the server or additionally encryption between BIG-IP and the application server?
For example, to enable encryption between the BIG-IP VS and the application server, do I additionally need to specify the section "SSL Forward Proxy" within the CLIENT SSL Profile?
Much appreciated
Alex