When it is mandatory to use end to end SSL

Question

When it is mandatory to use end to end SSL i.e. installing cert on both LB and real servers ?
What are the restrictions in this setup ?&nbsp;

chris_grant · Answer

If you don't need to manipulate or inspect the data you can simply configure SSL on the back end server and allow it to remain encrypted as it passes the BigIP. If you need to look at the data or change it then you will need to have your cert installed in both places. As far as restrictions, you need to ensure that the ciphers you need are supported on both the serverside and clientside SSL profiles, and you should know that using client certs in that situation is painful at best (at worst it won't work). Other than that there aren't a lot of restrictions.

Forum Discussion

When it is mandatory to use end to end SSL

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

LTM Virtual Server Require Mandatory Settings

Is FloatingIP mandatory for all interfaces/Vlans ?

Mandatory parameter on a URL

SAN (Subject Alternative Name) query - is it mandatory ?

Change root password - is reboot mandatory