Options

off load ssl and wild card ssl

larkspurlarkspur Member Posts: 235
in Off-Topic
I have a new citrix farm coming up at a diffrent site. I want to off load the ssl on the outside of the load balanacer (LTM) but get an ssl error when I coonect to the citrix back end servers.

does an ssl cert need to pass between front ends and back ends or can they communciate via port 80?

Also has anyone used wild card ssl certs on thier equipment? if so can you move the cert around to diffrent nodes hosting different resources?

tia
just trying to keep it all in perspective!
· Share on FacebookShare on Twitter

Comments

  • Options
    rossonieri#1rossonieri#1 Member Posts: 799 ■■■□□□□□□□
    hi,

    if you have a front-end active devices such as router or firewall or web-proxy (that blocks all traffics) - you will need to terminate the ssl (off-loading) on that device (that is if you make those devices as active ssl broker) - otherwise there will be no connection at all.

    by default web-based ssl can be in form of https which run on port 443 - but other ssl can be run on any port.

    an ssl cert cant be moved from one machine onto anther - but you can request/download another cert.
    the More I know, that is more and More I dont know.
    · Share on FacebookShare on Twitter
  • Options
    larkspurlarkspur Member Posts: 235
    cool, thanks for the response.
    just trying to keep it all in perspective!
    · Share on FacebookShare on Twitter
Sign In or Register to comment.