This article applies to the Barracuda Load Balancer ADC version 5.1 and above.
The Barracuda Load Balancer ADC can decrypt incoming SSL traffic to reduce the load on the real servers. Traffic coming from the real servers is also encrypted and sent to the client. No SSL configuration on the real servers is necessary; all SSL certificates are stored on the Barracuda Load Balancer ADC.
Web applications and any TCP application using a TCP Proxy service type can take advantage of SSL offloading. SSL offloading is not compatible with Direct Server Return.
You can configure SSL offloading when creating or editing any secure service type (e.g., Secure TCP Proxy, HTTPS). To configure SSL offloading, configure the real servers for the service to use port 80 and disable SSL.
- Go to the BASIC > Certificates page and ensure that a certificate has been uploaded to the Barracuda Load Balancer ADC for the service. Upload one SSL certificate for each service. A certificate can be ordered from a trusted Certificate Authority such as VeriSign. If SSL processing was previously done on the server, then retrieve the certificate from that server.
- Go to the BASIC > Services page and either create or edit the secure service with its real servers:
- In the SSL Settings section of the service settings, ensure that the SSL certificate has been selected.
- In the settings of the servers that you add for the service, use Port 80 and set Server Uses SSL to No.