07-03-2007 06:50 AM
Hi
Could anyone tell me if HTTPS sessions are syncronized to the redundant CSS, I couldn't find any definitive that helps
Cheers
07-03-2007 07:15 AM
only the tcp part of the https connection is replicated to the standby unit.
So, if ssl is terminated on the server then the failover will be transparent.
If ssl is terminated on the CSS itself, then a failover will break the ssl connection.
Gilles.
07-03-2007 07:15 AM
Hi,
Well about the ASR it will synch the active connections on normal HTTP, but when dealing with HTTPS the connection requires a secure handshake that involves certificates & keys, once this tunnel is open it cannot be replicated to the backup box (for secure reasons basically).
So when the ASR fails over, all the SSL/TLS active connections will have to renegotiate on the second box.
Thanks.
Josega.
07-03-2007 10:30 AM
Hi
So all https sessions that terminate on a server wont be replicated to the standby box
Cheers
Stephen
07-03-2007 10:41 AM
The HTTPS sessions terminated on the servers will be replicated on the standby box.
The HTTPS sessions terminated on the CSS will not be replicated to the standby box.
Thanks.
Josega
07-03-2007 10:44 AM
I do't think so.
If your CSS is doing the termination SSL then all ssl connections will be lost, but if your server is terminating, and failure occur on the CSS, the flows are replicated to the backup CSS.
If the failure occur on one of the servers, the connection with that server will be lost.
David
07-03-2007 10:46 AM
you're rigth josega
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: