This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can you use WAF with HTTPS by just forwarding the HTTPS and not loading cert?

I'm trying to get WAF working but I don't want it to break the SSL cert; I want it to just pass it on to the servers. Is that possible?

The reason I'm trying this is because Server Load Balancing in this router are not working correctly.

v8.302.

This thread was automatically locked due to age.

0 BarryG over 13 years ago

I'm guessing no.

You've already posted about the load balancing not working?

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 coewar over 13 years ago

I have, and I also had discussions with the support team and eventually they were able to reproduce the behavior and have logged it as a bug with the QA dept.

And I think the answer to my question here has to be a NO because if it's balancing at the application layer, I assume it has to break the SSL cert to be able to look at any part of the message. I didn't know if by chance there were parts that were outside of the encryption that would allow it to work. Beats me.

The issue I have with using it and breaking the SSL cert is that the web site behind it is doing some things like flipping an HTTP call to an HTTPS call and the result coming out of the Astaro makes it not work. I've enabled the 2 options for allowing header updates and the other one, but it didn't seem to make it work.
Cancel
Vote Up 0 Vote Down

Cancel