11-29-2011 11:09 AM
I testing the 4710 for load balancing between 2 web servers. I have the http portion working just fine but would like to get some input on the SSL portion.
We have a section of our site that requires user login and the whole session is https from when they login and when they are browsing through our site.
My questions are within the design aspects. Would this best be designed using SSL offloading and then using clear text from the ACE to the web servers? Also, what would the differences be with configuring ssl offloading with stickiness if configured with http server load balancing on the same server farm versus creating a new server farm just for https? Would end-to-end ssl be best in this scenario?
Description of the web application usage:
Users log in and their whole session is https. Users will be filling out forms, inputting data, registering for events and uploading some files.
Solved! Go to Solution.
11-30-2011 01:42 PM
Use cleartext in back end (the most simple way to do it), cookie based persistance and don't forget to enable SSL rewrite / SSL redirect
11-30-2011 01:42 PM
Use cleartext in back end (the most simple way to do it), cookie based persistance and don't forget to enable SSL rewrite / SSL redirect
12-01-2011 01:47 PM
Okay so that makes sense to me now. When the client requests an HTTPS page and the ACE terminates the connection, the ACE uses SSL rewrite/redirect to send the request back to the client so that the client still maintains the SSL connection. Otherwise it will request an HTTP page instead of the HTTPS page.
Am I correct?
12-01-2011 01:54 PM
yes
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: