SSL offloading on ACE

Unanswered Question
Mar 5th, 2009

Hi all,

I'm working on deployment of ACE appliances for our customer. They want to terminate SSL connections on the ACE. But it's not HTTP encrypted inside.

It's some proprietary protocol encrypted inside the SSL. Here, the server contacts the client first, after the TCP/SSL connection is established.

But with ACE, after the SSL is set up, the ACE is waiting for some message from the client.

What I need is to instruct the ACE to establish the TCP connection to real server immediately after the SSL handshake is done.

Unfortunately, end-to-end SSL is not an option. The real server does not support SSL.

Does anyone have similar experience? Or some magic command, which would do this?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
igorkuliffay Fri, 03/13/2009 - 01:30

Actually, we're running latest OS:

Version A3(2.0) build 3.0(0)A3(2.0)

I'd say this behavior is standard. ACE waits for HTTP GET message before it initiates TCP session to real server.

The question is, how to change it..

Gilles Dufour Tue, 03/17/2009 - 05:59

disable persistence rebalance with a parameter-map and it will open the connection right after the ssl handshake without waiting for some data.



This Discussion