re-encrypt with different cipher on server-ssl profile?

Question

Is it possible to set a client ssl profile to cipher with diffie-helman and re-encrypt on the server ssl side to RSA? I presume this would be taxing on the device, but I need to understand the ins and outs of it.

al_7443 · Answer

Yes, it's supported. The LTM decrypts and re-encrypts traffic anyway so there is no huge difference in doing this. If you only have RSA in the suites accepted by your back-end server then the LTM will do it automatically. If not, create a server SSL profile with custom ciphers.

samir_jha_52506 · Answer

Yes, You can make it. Only thing you need to create two profile(client-SSL and Server-SSL) to solve issue. Allow the cipher as per requirement and test it in non-prod device.&nbsp;
Hope it will work for you.&nbsp;

Forum Discussion

re-encrypt with different cipher on server-ssl profile?

2 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Check a Virtual Server's SSL Status

SSL Full Proxy - SSL Re-Encryption performance degradation

SSL Re-Encryption - No SSL traffic on server side

Client vs Server SSL profile

Copper SFP Differences