Edge do not terminate clients HTTPS (SSL sessions). Edge load balances TCP sessions to the servers. Client SSL sessions are terminated to the servers (not the edge). L7 application rules can not be applied.

Prerequisites

Note:

Certificates are not required for the HTTPS passthrough scenario.

Procedure

  1. Create the HTTPS application profile.
    1. Log in to the vSphere Web Client.
    2. Click Networking & Security and then click NSX Edges.
    3. Double-click an NSX Edge.
    4. Click Manage, and then click the Load Balancer tab.
    5. In the left navigation panel, click Application Profile. For more details, refer to Managing Application Profiles.
    6. Create a new application profile with the following parameters:
    • Select Type as HTTPS from the list.

    • Select the Enable SSL Passthrough check box.

    • Select the Persistence as None.

    Note:

    Certificates are not required for the HTTPS passthrough scenario.

  2. Create a virtual server.
    1. Log in to the vSphere Web Client.
    2. Click Networking & Security and then click NSX Edges.
    3. Double-click an NSX Edge.
    4. Click Manage, and then click the Load Balancer tab.
    5. In the left navigation panel, click Virtual Servers. For more details, refer to Managing Virtual Servers.
    6. Create a new virtual server with the following parameters:
    • Select the Enable Virtual Server check box to make the virtual server available for use.

    • Select Protocol as HTTPS.

    • Select the default pool that is composed of HTTPS servers.

    • Select the application profile configured in step 1.

      Note:

      If Enable Acceleration check box is selected and there are no L7 related configurations, the session would NOT be terminated by the edge.

      If Enable Acceleration check box is not selected, the session would be treated as L7 TCP mode, and edge will terminate it into two sessions.