Suraj Nair Posted November 22, 2023 Share Posted November 22, 2023 Wanted To understand if how does SSL offloading help in load balancing. If SSL Offloading feature is not enabled does it impact the key functionality of the load balancer or does SSL offloading help in optimizing the traffic.?Further If SSL certificates installed have expired does SSL offloading still work or the installed certificates also needs to be renewed? Link to comment Share on other sites More sharing options...
Andrew Scott Posted November 22, 2023 Share Posted November 22, 2023 Hello SurajIt helps as typically SSL (or really TLS as it is now) can be a heavy workload for a server that isn't designed for it. The initial handshake can have some additional loading for the server. Offloading it to the NetScaler has potentially two benefits. You can possibly have fewer application servers to serve the same number of users, as the loading is lighter with the NetScaler in place.Alternatively, you can scale to bigger numbers of users with the application estate being the same size.Take over the world!How much less? We quote typically 60% as the benefit, so if you are running this environment in the cloud that could be quite a saving.You need it enabled...You need the certificate in date! Having expired certs encourages you users to ignore warnings and can allow a hacker to do some sort of man-in-the-middle attack. Also, certs are not that expensive (or should not be)..I hope that helps. Link to comment Share on other sites More sharing options...
Suraj Nair Posted November 27, 2023 Author Share Posted November 27, 2023 Thanks Andrew, that did help,Just follow-up on certificates, is it also required for all the Web application URLs that we onboard? The context is when an organization has multiple URL's accessed by clients and traffic passes through LB as per architecture. So every application URL that we onboard for SSL offloading once that certificate expires, needs to be renewed on a timely manner for the SSL offloading functionality to be performed? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now