Post

F5 - SSL Offloading

Posted
By Sena Perdiana 1 min read


What is SSL Offloading?


F5 SSL offloading is the practice of transferring the task of encrypting and decrypting secure web connections from web servers to specialized F5 devices, enhancing performance by freeing up server resources and improving security management.


x

In this setup, there will be 2 unsecure web servers running on port 80 being members of a Virtual Server which where the SSL Offloading takes place.



Configure Certificates


First let’s update F5’s certificate so it’ll use a CA Signed Certificate.
Go to System » Certificate Management » Traffic Certificate Management, Create new

x


After that we’ll get a Certificate Signing Request (CSR)

x


Then just sign the CSR on the Certificate Authority (CA) of the local domain, in this case is on a Windows Server of the Domain Controller.

x


After that, just import the certificate that we just got from the CA

x

x



Configure SSL Profile


Now we create a SSL Profile that we’ll to use on the Virtual Server,
Go to Local Traffic » Profiles » SSL, Create new

x

x

Just select the certificate and the key that has just been created earlier



Configure SSL Offloading on Virtual Server


Now go to the LTM’s Virtual Server, change the port to 443 and add the SSL Profile

x

x


And now if we access the Virtual Server on https://f5.helena.gg, we should get a secure SSL connection

x


Security, F5
F5
This post is licensed under CC BY 4.0 by the author.