Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
543
Views
0
Helpful
1
Replies

SSL Offload Requests

bs6825
Level 1
Level 1

‎01-16-2008 12:59 PM

When using any loadbalancer, CSS, CSM or ACE and doing SSL offload, how does the request to the backend server get created? For example if the client requests https://secure.example.com/privatedata.html and that url is configured for SSL offload on the loadbalancer, it the request from the LB to the server just http://secure.example.com/privatedata.html ? What would the request look like if SSL offload and backend SSL are both configured? Are there methods to modify the default behavior on any of the platforms?

TIA

Labels:
0 Helpful
1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

‎01-17-2008 12:34 AM

First you have to understand that a url is not sent the way you type it in http.

So the request actually looks like this :

GET /privatedata.html

Host: secure.example.com

This request is encrypted with SSL if you enter the url with HTTPS:// and is sent in cleartext if you don't use SSL.

So, what the offloader will do is simply decrypt the traffic and whatever the request will send it in cleartext to the server ip address.

The offloader can't change the content of the request. However, it can add some lines in the header.

Also, instead of just transmitting in cleartext, the loadbalancer can re-encrypt so the communication between offloader and server is also SSL.

Again, the request (see above) does not change.

Gilles.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents