httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Schöchlin ...@256bit.org>
Subject Re: AW: [users@httpd] Client certificate auth behind f5 loadbalancer
Date Sat, 28 Jun 2014 15:04:12 GMT
Hi,

On 06/26/2014 04:08 PM, Andre.Wendel@bmw.de wrote:
> Why do you terminate the ssl on the F5 and not on the Apache-backend? We load balance
IP/Port-based on the F5 and terminate the SSL on the Apache backend, so you would be able
to turn on your SSLEngine and Proxy the SSL from the F5 on the SSL Standard SSL Port 443 of
the Apache and you can do everything you want because you have all SSL information.

i use a wildcard certificate on my frontend ip to do irule-based (looking for the hostheader)
backend pool selection.
Therefore it would be good to terminate ssl in the f5.

I will now use a new frontend ip on the loadbalancer and i then i will forward the traffic
to the backend servers....

Regards
Marc

-- 
GPG encryption available: 0x670DCBEC/pool.sks-keyservers.net


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message