Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

  1. Kemp Support
  2. Knowledge Base
  3. Content Delivery

Offload and re-encrypt on parent VS with subVS

Updated

 

Information

 

Summary:

User wants to have ssl offload and re-encrypt on the same parent VS and subVS
Environment:

Product: Loadmaster

Version: Any

Platform: Any

Application: HTTPS/HTTP web applications
Question/Problem Description:

Customer created 1 VS listening on TCP/443, the SSL acceleration is enabled.
There is also an HTTP to HTTPS auto redirect VS.
Inside this HTTPS VS has several subVS, with content rules base on requested URL (in order to select to appropriate subVS when a user browsed a specific URL).

Some subVS has real servers listening on HTTPS (TCP/443). For this reason, the parent VS is enabled with SSL re-encrypt.

But there are other subVs with real servers listening on HTTP (TCP/80). Which doesn't work when browsed because SSL re-encrypt is enabled in the parent VS.

If the SSL re-encrypt in the parent VS is disabled, the subVS with HTTP real servers work, but those HTTPS real servers doesn't.

How can this can be configured so that all subVS (with HTTP and HTTPS real servers) can work under the one HTTPS VS?
Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause: Unfortunately this is expected behavior at the moment.
Resolution:  
Workaround: Possible to use a nested VS to accomplish this.

VS1 192.168.1.51:443 re-encrypt -> RS1 192.168.1.61:443
VS2 192.168.1.61:443 which is RS1 IP -> offload to actual RS2 192.168.1.62:80
Notes:  

Comments

In this document