Apologies, let me clarify.
Proxy certificate creation is not the issue. Thats the easy bit
Our customer has a custom application. This application has 'live' servers and 'development' servers on the same subnet.
Currently we match traffic for this application for this application using an in-path rule, matching the whole destination subnet and a port-label (custom ports are used).
Pre-optimisation Policy : Oracle Forms
Latency policy : HTTP
Data Reduction : Normal
Now the customer is adding SSL to the development side, which will need an additional in-path rule to optimise properly.
The new SSL-enabled version of the application will be running on the same IP subnet and custom ports which is leading to the question.
With two rules matching the same subnet and ports (I suspect we just need to change the preop policy to SSL on the new rule) will the Riverbed be able to differentiate and match sessions on both rules or will it just pass through after matching the original rule?
Both versions of the app will need to coexist and (if possible) be optimised at the same time.
Is this possible?
Thanks in advance.
Scenario is much clear now. Thanks.
Yes, I think that is the right way to do.
Be sure to place new rule (SSL) above the original rule.
Now, when SH receives traffic from SSL based application then it will match the new rule.
When it sees normal traffic from that subnet then it will simply ignore new SSL rule and check for next rule in the list for better match.
Share your test results to see if this works or needs some more tweaking.