Configure an HWLB for SSL between an F5 load balancer and an Service Manager server

Prerequisites

Before you begin this process, verify that the following conditions are true:

  • The HWLB is configured for SSL offloading. For more information about how to do this, see Configure an HWLB for SSL offloading.
  • The required Service Manager certificates are generated. For more information about how to do this, see the <topic name> topic in the Micro Focus knowledge base.

Step 1: Create a pool that contains an HTTPS port

To create a pool that contains an HTTPS port, follow these steps:

  1. Click Pools > Pool list.
  2. Click Create, and then type TEST_SSL_SERVER in the Name field.
  3. Select a health monitor. For more information, see Configure an HWLB Health Monitor for the Service Manager server.
  4. In the address field, type the IP address of the Service Manager server, and then set the server port to the HTTPS port of the Service Manager server.
  5. Click Add.

Note You can add as many pool list items as your deployment requires.

Step 2: Configure the session persistence type

To configure the session persistence type, follow these steps:

  1. Click Local Traffic > Profiles > Persistence.
  2. Click Create.
  3. In the Name field, type TEST_COOKIE_INSERT.
  4. In the Persistence Type drop-down list, select Cookie.
  5. Click to select the Custom option on the right-hand side.
  6. In the Cookie Method drop-down list, select HTTP Cookie Insert.
  7. Click Finish.

Step 3: Configure the virtual server to use the SSL profile (Server)

To enable the virtual server to use the server SSL profile, follow these steps:

  1. Click Local Traffic > Virtual Servers > Virtual Server List.
  2. Select the virtual server that you use to load balance client requests to Service Manager servlets.
  3. Select oneconnect as the OneConnect profile.

  4. In the SSL Profile (Client) drop-down list, select TEST_SSL_CLIENT.
  5. In the SSL Profile (Server) drop-down list, select TEST_SSL_SERVER.
  6. Set the SNAT Pool to TEST_SNAT, and then click Update.
  7. On the Resource tab, select the default Pool that contains the HTTPS port of the Service Manager server.
  8. Set the Default Persistence Profile to TEST_COOKIE_INSERT.