Client traffic is decrypted/encrypted on the LoadMaster and passed unencrypted to the application servers on port 80. It is assumed that the LoadMaster is configured with a single IP address in the guidelines below.

  1. Login to the LoadMaster UI by opening a https session (port 443 default/8443 on Azure/AWS) on the LoadMaster IP address. The default username is bal and the password is what was set earlier when the LoadMaster was provisioned.
  2. In the navigation menu, select Virtual Services and the Add New option.

  3. Set the Virtual Address to the IP address of the LoadMaster instance.
  4. Set the port to 443 because you want to handle SSL traffic.
  5. Type a service name (optional) and click Add this Virtual Service.

  6. Expand the SSL Properties section.
  7. Select the SSL Acceleration Enabled check box. The LoadMaster generates a self-signed certificate for the SSL service that can be replaced with a trusted certificate if required.
  8. Add the web application servers. With LoadMaster, the application servers are referred to as Real Servers.
  9. In the Real Servers section, select Add New.

  10. Specify the Real Server IP address and port. The other settings may be left as default.
  11. Repeat for each Real Server you want to add.

You should now be able to send traffic through the load balancer on port 443, which is then forwarded to the Real Servers. For further guidance on configuring service options, consult the Kemp guide to configuring an SSL Virtual Service. Detailed documentation on LoadMaster configuration and features is available from the Kemp Resource Library.