Follow the steps below to create and configure the recommended settings for the Aequitas HTTPS Re-Encrypt Virtual Service:

  1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.
  2. Type a valid IP address in the Virtual Address text box.
  3. Type 443 in the Port text box.
  4. Enter a recognizable Service Name such as Aequitas Re-Encrypt Virtual Service.
  5. Ensure tcp is selected as the Protocol.
  6. Click Add this Virtual Service.
  7. Configure the settings as shown in the following table:

    Section

    Option

    Value

    		 Comment

    SSL Properties

    		SSl Acceleration Enabled
    Reencrypt Enabled
    Supported Protocols TLS1.0; TLS1.1; TLS1.2; TLS1.3 While this workload may not support TLS1.3 yet, we recommend enabling it for future proofing.
    Cipher Set BestPractices
    Standard Options Persistence Mode Active Cookie

    		Timeout 1 Hour

    		Cookie name LM_Aequitas
    Scheduling Method least connection
    Advanced Properties Add a Port 80 Redirector VS https://%h%s Click Add HTTP Redirector. This automatically creates a redirect on port 80.
  8. Add the Real Servers:
    1. Expand the Real Servers section.
    2. Click Add New.
    3. Type the address of the Real Server.
    4. Type 443 as the Port.
    5. Click Add This Real Server.
    6. Repeat the steps above to add more Real Servers as needed, based on the environment.

Create an Aequitas HTTPS Offloaded Redirect Virtual Service

Clicking the Add HTTP Redirector button automatically creates a port 80 redirect Virtual Service. This is optional, but the purpose of this Virtual Service is to redirect any clients who have connected using HTTP to the HTTPS Virtual Service. We also recommend changing the Persistence Mode and the Real Server Check Method to None.