Frequently Asked Questions
Security
My company hosts a website that uses HTTPS. I would like to lessen the burden on the servers by having the LoadMaster decrypt the traffic before it is sent to my server pool, is this possible?
When dealing with encrypted traffic, the LoadMaster has three ways handling such requests.
With this configuration, you will need to import your domain's public certificate and key onto the LoadMaster. This will allow us to decrypt the incoming SSL traffic at the LoadMaster and then pass the traffic to the server unencrypted. In order to support this, the servers must expect and allow secured content to be transmitted over HTTP.
This configuration will require your domain's public certificate and key as well. In this setup, the LoadMaster will decrypt the incoming traffic but will also encrypt the traffic before it is sent off to the server. This allows LoadMaster to perform Layer 7 features without needing to make changes to the server.
- SSL pass through.
- In this situation the LoadMaster would simply allow the SSL traffic to pass unmodified. The LoadMaster would deliver HTTPS traffic the server.
- SSL pass through will be used if SSL acceleration is not enabled.
- SSL offloading.
- SSL offloading will be used if SSL acceleration is enabled but re-encryption is not.
- SSL re-encryption.
- SSL re-encryption will be used if both SSL acceleration and re-encryption are enabled.