Managing Client-Side HTTP Traffic Using a CA-Signed RSA Certificate

When you want to manage HTTP traffic over SSL, you can configure the BIG-IP system to perform the SSL handshake that target web servers normally perform.

A common way to configure the BIG-IP system is to enable client-side SSL, which makes it possible for the system to decrypt client requests before sending them on to a server, and encrypt server responses before sending them back to the client. In this case, you need to install only one SSL key/certificate pair on the BIG-IP system.

This implementation uses a certificate signed by an RSA certificate authority (CA) to authenticate HTTP traffic.