Load Balancers have the ability to provide SSL offloading, which can dramatically reduce the load on systems currently performing the function. In order to utilize SSL offloading, a Load Balancer must be purchased that offers the capability. Load balancers offering SSL capability are currently noted with verbiage “with SSL offload” under the Load Balancer connections/second ordering option. After the SSL offloading-enabled Load Balancer has been provisioned, it must be configured. Follow the steps below to configure SSL offloading on a Load Balancer.
Configure SSL Offloading
- Access the Load Balancers screen in the Customer Portal. Refer to Access the Load Balancers Screen.
- Click the VIP Address of the desired Load Balancer to access the Details screen.
- Under the actions drop down select Configure SSL.
- Select the desired SSL Certificate from the Certificate drop down box.
- Non-dedicated Load Balancer virtual IPs (VIPs) are limited to a maximum SSL certificate bit size of 2048.
- At least one (1) SSL Certificate must be stored on the Customer Portal in order to successfully complete this step. Refer to Import an SSL Certificate.
- Select the Enabled check box.
- Select the ciphers you wish to support.
- Click the Update button.
What Happens Next
After activating SSL offloading on a Load Balancer, the state of the SSL changes from disabled to active . The load carried by systems that previously handled SSL connections will generally decrease after SSL offloading has been activated. At any time, the SSL offloading status may be changed. Return to the Offload SSL tab and deselect the check box to disable SSL offloading for the Load Balancer.