Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

ACE - Load Balance insert cookie method for https

I am trying to load balance between 2 web servers using the cookie insert method by ACE for achieving the session persistence. The servers are not inserting any cookie. It works fine for the http connections but when trying with https connection it is not working.

Can anyone help me with this please.

Is it that ACE cookie insert method of session persistence will not work with https connections.

4 REPLIES

Re: ACE - Load Balance insert cookie method for https

In order to insert cookie in a Https you need to offload SSL first. Https traffic is encrypted and you cannot manipulate the header while its encrypted.

Syed Iftekhar Ahmed

Community Member

Re: ACE - Load Balance insert cookie method for https

Thanks.

What other method can we use to sticky the HTTPS connection.

This is client server application, with huge number of clients accessing the server. what can be the best method for this scenario.

Re: ACE - Load Balance insert cookie method for https

If there is no Megaproxy issue (Clients are not using Mega proxy servers) then Source IP based persistence will be the best option.

Syed Iftekhar Ahmed

Community Member

Re: ACE - Load Balance insert cookie method for https

Hi,

1. for https you can use src ip as sticky (mega proxy problem).

2. you can terminate ssl connection on ace (ssl between client and ace only, between ace and server it's clear) and you can use any L7 sticky (for example cookie)

3. if you need ssl terminate up to real server, you can first terminate ssl between client and ace on ace, then use L7 sticky and after then terminate second ssl to real server.

in other words, if you don't decrypt ssl on ace, you can use only L2/3 data for sticky (or ssl id for ssl v2.0)

martin

404
Views
0
Helpful
4
Replies
CreatePlease to create content