Create the NGINX HTTPS Re-encrypt Virtual Service

Follow the steps below to create and configure the recommended settings for the NGINX HTTPS Re-encrypt Virtual Service:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.

   

2. Type a valid IP address in the Virtual Address text box.
3. Type 443 in the Port text box.
4. Enter a recognizable Service Name, for example Nginx HTTPS Re-encrypt.
5. Ensure tcp is selected as the Protocol.
6. Click Add this Virtual Service.
7. Configure the settings as shown in the following table:

   Section	Option	Value	Comments
   Standard Options	Persistence Mode	Active Cookie	You need to enable SSL Acceleration before you can select Active Cookie as the Persistence Mode.
   	Timeout	1 Hour
   	Cookie name	JSESSIONID
   	Scheduling Method	least connection
   	Idle Connection Timeout	900
   SSL Properties	SSL Acceleration	Enabled
   	Reencrypt	Enabled
   	Supported Protocols	TLS1.0, TLS1.1, TLS1.2, TLS1.3	While this workload may not support TLS1.3 yet, we recommend enabling it for future proofing.
   	Cipher Set	BestPractices
   Advanced Properties	Add a Port 80 Redirector VS	https://%h%s	Click Add HTTP Redirector. This automatically creates a redirect on port 80. Note: This field disappears after it is clicked.
   Real Servers	URL	/

8. Add the Real Servers:
   1. Expand the Real Servers section.
   2. Click Add New.
   3. Type the address of the Real Server.
   4. Type 443 as the Port.
   5. Click Add This Real Server.
   6. Repeat the steps above to add more Real Servers as needed, based on the environment.

Configure the NGINX HTTPS Re-encrypt HTTP Redirect Virtual Service

Clicking the Add HTTP Redirector button automatically creates a port 80 redirect Virtual Service. This is optional, but the purpose of this Virtual Service is to redirect any clients who have connected using HTTP to the HTTPS Virtual Service. We also recommend changing the Real Server Check Method and Persistence Mode to None.