Yes - you only need to terminate/reinitiate if you need to inspect or modify the underlying information in the SSL encapsulation. If you define the VIP to take SSL then it will be treated like any other TCP traffic.
Thanks Cathy - I added the following config but I still can not connect via https:
class-map match-all VIP
2 match virtual-address 10.1.1.1 tcp
serverfarm host SF
rserver SPWEBPRD1 443
rserver SPWEBPRD2 443
make sure there is no more generic class-map listed before this one in your multimatch policy.
Make the policy is on the correct interface.
Make sure serverfarm shows rservers alive.
Get a 'show service-policy detail' and check if you have any hit on the appropriate class-map.
Thank you - I got it to work by removing port 443 from the rservers in server farm config mode.
Also - Since all the traffic is sourced from the same ip address, will http cookie insert work in the https environment ? Thanks again.
I did not think that you needed to specify the ports in the reserver of the server-farm, if you have already specified the same port in the class-map.
In my case; I have traffic coming in the class-map in port 80 and I would have to redirect it to port 8109. I would than add port 8109 in the reservers in the server-farm.
If things are working for you, then my argument is a mute one.