This implementation uses an RSA self-signed certificate to authenticate HTTP traffic. When you want to manage HTTP traffic over SSL, you can configure the BIG-IP system to perform the SSL handshake that target web servers typically perform.
A common way to configure the BIG-IP system is to enable client-side SSL, which makes it possible for the system to decrypt client requests before forwarding them to a server, and to encrypt server responses before returning them to the client. In this case, you need to install only one SSL key/certificate pair on the BIG-IP system.
To implement client-side authentication using HTTP and SSL with a self-signed certificate, you perform a few basic configuration tasks.